← Volver a CVEs
CVE-2025-1550
CRITICAL9.8
Descripcion
The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, to be loaded and executed during model loading.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado3/11/2025
Ultima modificacion7/31/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
keras:keras
Debilidades (CWE)
CWE-94
Referencias
https://github.com/keras-team/keras/pull/20751(cve-coordination@google.com)
https://towerofhanoi.it/writeups/cve-2025-1550/(cve-coordination@google.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.