CVE-2025-27520

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been identified in the latest version (v1.4.2) of BentoML. It allows any unauthenticated user to execute arbitrary code on the server. It exists an unsafe code segment in serde.py. This vulnerability is fixed in 1.4.3.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194	Patch
https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc	Exploit Third Party Advisory
https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:bentoml:bentoml:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-04-04 15:15

Updated : 2025-06-27 12:48

NVD link : CVE-2025-27520

Mitre link : CVE-2025-27520

CVE.ORG link : CVE-2025-27520

JSON object : View

Products Affected

bentoml

bentoml

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2025-27520", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-04-04T15:15:47.927", "references": [{"url": "https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194", "tags": ["Patch"], "source": "[email protected]"}, {"url": "https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc", "tags": ["Exploit", "Third Party Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been identified in the latest version (v1.4.2) of BentoML. It allows any unauthenticated user to execute arbitrary code on the server. It exists an unsafe code segment in serde.py. This vulnerability is fixed in 1.4.3."}, {"lang": "es", "value": "BentoML es una librer\u00eda de Python para crear sistemas de servidores en l\u00ednea optimizados para aplicaciones de IA e inferencia de modelos. Se ha identificado una vulnerabilidad de Ejecuci\u00f3n Remota de C\u00f3digo (RCE) causada por una deserializaci\u00f3n insegura en la \u00faltima versi\u00f3n (v1.4.2) de BentoML. Esta vulnerabilidad permite a cualquier usuario no autenticado ejecutar c\u00f3digo arbitrario en el servidor. Existe un segmento de c\u00f3digo inseguro en serde.py. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 1.4.3."}], "lastModified": "2025-06-27T12:48:46.350", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bentoml:bentoml:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F824F6EC-4EA6-4C23-B174-2D8E5587E9E1", "versionEndIncluding": "1.4.2", "versionStartIncluding": "1.3.4"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}