all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ShellTorch Vulnerabilities Expose PyTorch Models to Remote Code Execution

Add to bookmarks
Oct. 4, 2023, 11:26 a.m. | Livia Gyongyoși

Heimdal Security Blog heimdalsecurity.com

ShellTorch vulnerabilities chain exposes tens of thousands of servers to remote code execution and data exfiltration. Researchers revealed that the TorchServe flaws (including CVE-2023-43654, CVSS: 9.8) can expose sensitive data, compromise AI models, and run a full server takeover. TorchServe is a famous open-source tool for serving and scaling PyTorch models in production. Organizations involved […]


The post ShellTorch Vulnerabilities Expose PyTorch Models to Remote Code Execution appeared first on Heimdal Security Blog.

ai models code code execution compromise cve cvss cybersecurity news data data exfiltration exfiltration expose flaws pytorch remote code remote code execution researchers run scaling sensitive sensitive data server servers shelltorch takeover tool vulnerabilities

Visit resource

More from heimdalsecurity.com / Heimdal Security Blog

Patch Now! CrushFTP Zero-day Lets Attackers Download System Files 1 week, 5 days ago | heimdalsecurity.com
attackers critical crushftp customers +22
MITRE Breached – Hackers Chained 2 Ivanti Zero-days to Compromise VPN 1 week, 5 days ago | heimdalsecurity.com
attack authentication authentication bypass breach +30
A System Administrator’s Challenges in Patch Management 1 week, 5 days ago | heimdalsecurity.com
administrator alex benefits challenges +13
Free and Downloadable Account Management Policy Template 1 week, 6 days ago | heimdalsecurity.com
account accounts business data +16
Atera vs. ConnectWise: Head-to-Head Comparison (And Alternative) 2 weeks ago | heimdalsecurity.com
article atera balance complexity +11
NinjaOne vs. Atera: A Deep Comparison Between the Solutions 2 weeks, 3 days ago | heimdalsecurity.com
atera business critical customers +22
Deceptive Google Ads Mimic IP Scanner Software to Push Backdoor 2 weeks, 3 days ago | heimdalsecurity.com
ads backdoor campaign cybersecurity +16
CrowdStrike vs. SentinelOne: Which One Is Better For Endpoint Security? 2 weeks, 4 days ago | heimdalsecurity.com
business can crowdstrike cybersecurity +13
Surge in Botnets Exploiting CVE-2023-1389 to Infect TP-Link Archer Routers 2 weeks, 5 days ago | heimdalsecurity.com
bleeping computer botnet botnets command +24

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Director, Cyber Risk

@ Kroll | South Africa
View on infosec-jobs.com

Security Engineer, XRM

@ Meta | New York City
View on infosec-jobs.com

Security Analyst 3

@ Oracle | Romania
View on infosec-jobs.com

Internship - Cyber Security Operations

@ SES | Betzdorf, LU
View on infosec-jobs.com

Principal Product Manager (Network/Security Management) - NetSec

@ Palo Alto Networks | Bengaluru, India
View on infosec-jobs.com

IT Security Engineer

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com
View more jobs