A critical vulnerability, identified as CVE-2025-54952, has been discovered in multiple products that utilize ExecuTorch for model loading. An attacker could exploit this flaw by tricking a system into processing a specially crafted model file, which could allow them to execute arbitrary code and gain full control of the affected machine. This presents a severe risk to the confidentiality, integrity, and availability of organizational data and systems.

The vulnerability is a heap-based buffer overflow caused by an integer overflow condition within the ExecuTorch model loading component. When an application attempts to load a malicious ExecuTorch model file containing an excessively large value for a data structure, the software miscalculates the required memory size. This integer overflow results in the allocation of a memory buffer that is significantly smaller than needed. Subsequently, when the application copies data from the malicious file into this undersized buffer, it overwrites adjacent memory, leading to a buffer overflow. A remote, unauthenticated attacker can exploit this by crafting a malicious model file and delivering it to a vulnerable application, potentially leading to arbitrary code execution with the privileges of the user running the application.

This vulnerability is rated as critical severity with a CVSS score of 9.8, reflecting the high potential for severe business impact. Successful exploitation could lead to a complete system compromise, allowing an attacker to install malware (including ransomware), exfiltrate sensitive corporate or customer data, disrupt critical business operations by causing service denial, or use the compromised system as a staging point for further attacks within the network. The direct risks include major data breaches, significant financial loss, reputational damage, and operational downtime.

Immediate Action: Immediately apply the security updates provided by the vendor to patch the affected products. The primary remediation is to update An integer overflow vulnerability in the loading of ExecuTorch models can cause Multiple Products to the latest version. After patching, it is essential to monitor for any signs of exploitation attempts and to review system and application access logs for anomalous activity related to model file loading.

Proactive Monitoring: Implement enhanced monitoring on systems running affected software. Security teams should look for application crashes or memory-related errors in system logs, particularly from processes that load ExecuTorch models. Monitor network traffic for unusual outbound connections from affected servers, which could indicate a C2 channel. Use EDR solutions to detect suspicious process behavior, such as a data-processing service spawning a command shell.

Compensating Controls: If immediate patching is not feasible, implement the following controls to mitigate risk:

• Restrict the loading of ExecuTorch models to only those from trusted and verified sources.
• Run the affected applications in a sandboxed or containerized environment with minimal privileges to limit the impact of a potential compromise.
• Implement network segmentation to isolate vulnerable systems from critical network assets.
• If possible, deploy an Intrusion Prevention System (IPS) with signatures that can detect and block attempts to exploit this vulnerability.

Public Exploit Available: false

This vulnerability represents a critical risk to the organization and requires immediate action. All system owners must prioritize the deployment of vendor-supplied patches to all affected assets without delay. Although CVE-2025-54952 is not currently on the CISA Known Exploited Vulnerabilities (KEV) catalog, its high severity score makes it a likely candidate for future inclusion. Due to the high probability of future exploitation, proactive patching is the most effective strategy to prevent a compromise.