Critical Severity
pytorch-lightning
Remote Code Execution via State Change Endpoint Exploitation
A vulnerability in pytorch-lightning version 2.2.1 allows for remote code execution (RCE) by exploiting the state change endpoint through property/class pollution. This issue arises from deserializing user input and mishandling dunder attributes by the `deepdiff` library, which pytorch-lightning uses to modify application state. The vulnerability was patched in a version released after 2.2.1.
Available publicly on May 25 2024
Threat Overview
The vulnerability leverages the deepdiff.Delta objects used by pytorch-lightning to modify application state based on frontend actions. Despite efforts to sanitize input and protect against code execution, attackers can bypass these protections by constructing serialized deltas containing dunder attributes. This allows attackers to access and manipulate other modules, classes, and instances, leading to arbitrary attribute writes and ultimately, total RCE on self-hosted pytorch-lightning applications.
Attack Scenario
An attacker crafts a serialized delta containing dunder attributes that bypass the deepdiff library's protections. This delta is sent to the vulnerable state change endpoint, where it is deserialized and processed. The attacker manipulates the application state to execute arbitrary code, gaining control over the application.
Who is affected
Self-hosted pytorch-lightning applications, even in their default configuration, are vulnerable to this attack. The vulnerability specifically affects version 2.2.1 of pytorch-lightning.
Technical Report
Want more out of Sightline?
Sightline offers even more for premium customers
Go Premium
We have - related security advisories that are available with Sightline Premium.
