A critical remote code execution vulnerability, identified as CVE-2025-63665, has been discovered in the GT Edge AI Platform. This flaw allows an unauthenticated attacker to take complete control of an affected system by sending a specially crafted message to the platform's Prompt window. Due to its high severity (CVSS 9.8) and ease of exploitation, immediate patching is required to prevent potential system compromise and data theft.

This vulnerability allows for remote code execution (RCE) due to improper input validation of JSON payloads submitted to the platform's Prompt window. An attacker can construct a malicious JSON object containing arbitrary commands. When the application processes this input, it fails to properly sanitize the data, leading to the execution of the embedded commands with the privileges of the application's user account. Exploitation requires no user interaction or authentication, and can be achieved by any attacker with network access to the vulnerable interface.

This vulnerability is rated as critical severity with a CVSS score of 9.8. Successful exploitation would grant an attacker full control over the compromised GT Edge AI Platform server. The potential business impact is severe and includes the theft of sensitive data such as proprietary AI models and training data, disruption of critical AI-driven business operations, and the potential for the compromised system to be used as a pivot point to attack other internal network resources. A breach of this nature could lead to significant financial loss, reputational damage, and regulatory penalties.

Immediate Action: The primary remediation is to update the GT Edge AI Platform to version v2.0.10-dev or a later, patched version immediately. After patching, organizations should monitor system and application logs for any signs of exploitation that may have occurred prior to the update. Reviewing access logs for unusual or malformed JSON requests targeting the Prompt window endpoint is highly recommended.

Proactive Monitoring:

• Log Analysis: Scrutinize web server and application logs for large, complex, or obfuscated JSON payloads submitted to the AI prompt endpoint.
• Network Monitoring: Monitor for unusual outbound network connections from platform servers, which could indicate a successful compromise and communication with a command-and-control server.
• Endpoint Detection and Response (EDR): Look for anomalous process execution on platform hosts, such as shells (sh, bash, powershell.exe) being spawned by the AI platform's service account.

Compensating Controls: If immediate patching is not possible, the following controls can help reduce risk:

• Web Application Firewall (WAF): Deploy a WAF with rules specifically designed to inspect and block malicious or malformed JSON payloads.
• Network Segmentation: Isolate the GT Edge AI Platform from the broader corporate network to limit an attacker's ability to move laterally after a compromise.
• Access Control Lists (ACLs): Restrict network access to the platform's user interface to only trusted IP addresses and authorized personnel.

Public Exploit Available: false

Due to the critical severity of this vulnerability and the high likelihood of future exploitation, organizations must prioritize patching all affected GT Edge AI Platform instances. We strongly recommend applying the vendor-supplied update to version v2.0.10-dev or later without delay. If patching cannot be performed immediately, implement the recommended compensating controls, particularly WAF rules and network segmentation, as a temporary mitigation. Continue to monitor for any updates from the vendor and for this CVE's potential inclusion in the CISA KEV catalog.