tags:arbitrary_file_writeOOB_writeaienterprise_app original link: Preauth RCE on NVIDIA Triton Server newsletter link: exploits.club Weekly Newsletter 26


Exploits Club Summary:

What do you get when you mix new technology with rapid innovation and competition? We don’t know, but if OSes
or web
or cloud
or crypto are any indicator, you do not get security. This write-up from @edwardzpeng indicates the state of AI security may also be going through its infancy stage. In his blog, he demonstrates two vulnerabilities he recently found on Triton Inference Server. The first (CVE-2024-0087) is an arbitrary file write. This results from the logging configuration interface accepting an arbitrary parameter for the log’s write target. Because the log data is also attacker-controlled, this causes an arbitrary write, which can be spun into RCE. The second (CVE-2024-0088) is an arbitrary address write, resulting from how Triton allows for shared memory registration but fails to validate any of the attacker-controlled parameters. The post wraps up with some thoughts on these vulnerabilities, the impact they may have at large, and the current state of AI.