CVE-2025-51427
Code Execution in ModelScope via Malicious Module Configuration
Publication date: 2026-05-19
Last updated on: 2026-05-19
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| modelscope | modelscope | 1.25.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in ModelScope version 1.25.0 and allows attackers to execute arbitrary code. The issue arises because an attacker can craft a malicious module listed in the configuration file (dey_mini.yaml) under the key ['nnet']['module'], which the software then executes.
How can this vulnerability impact me? :
The vulnerability can lead to remote code execution (RCE), meaning an attacker could run any code they choose on the affected system. This could result in unauthorized access, data theft, system compromise, or disruption of services.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves execution of arbitrary code via a crafted module listed in the configuration file (dey_mini.yaml) under the key ['nnet']['module'] in ModelScope 1.25.0.
To detect this vulnerability on your system, you should inspect the configuration file dey_mini.yaml for suspicious or unexpected entries under the ['nnet']['module'] key that might reference untrusted or remote code.
Commands to help detect this might include searching for the module key in the configuration file, for example:
- grep -A 5 "nnet" dey_mini.yaml
- grep "module" dey_mini.yaml
Additionally, monitoring network traffic for unexpected outbound connections from ModelScope processes could help identify exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
- Review and sanitize the configuration file dey_mini.yaml to ensure no untrusted or remote modules are specified under ['nnet']['module'].
- Avoid loading or trusting remote code or modules in the ModelScope environment.
- Update ModelScope to a version where this vulnerability is fixed once a patch or update is released.
- Restrict network access for ModelScope processes to prevent unauthorized remote code execution.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.