Remote Code Execution In PyTorch Model Server TorchServe

Oligo's research team has uncovered a chain of critical vulnerabilities, named ShellTorch, including CVE-2023-43654 (CVSS: 9.8) in the PyTorch model server TorchServe.

This flaw allows unauthorized access to #AI models and enables Remote Code Execution (RCE) leaving countless services and end-users at risk.