CVE-2024-12029
published 2025-03-20CVE-2024-12029: A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises…
PriorityP274critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
5.34%
91.6th percentile
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| invoke-ai | invoke-ai_invokeai | >= 0 < 756008dc5899081c5aa51e5bd8f24c1b3975a59e | 756008dc5899081c5aa51e5bd8f24c1b3975a59e |
| invoke-ai | invoke-ai_invokeai | >= 5.3.1 < 5.4.3rc2 | 5.4.3rc2 |
| invoke-ai | invoke-ai_invokeai | >= 5.3.1 < 5.4.3rc1 | 5.4.3rc1 |
| invoke-ai | invoke-ai_invokeai | >= unspecified < 5.4.3 | 5.4.3 |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor HTTP requests to the /api/v2/models/install endpoint for externally supplied model URLs, which may indicate exploitation attempts. ↗
- →Alert on model files being loaded via torch.load on the server side, especially those originating from user-supplied URLs, as they may contain embedded malicious code. ↗
- →A Metasploit module exists for this CVE; watch for exploit framework signatures or payloads targeting InvokeAI's model install API. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
InvokeAI Deserialization of Untrusted Data vulnerability
ghsa·2025-03-21
CVE-2024-12029 [CRITICAL] CWE-502 InvokeAI Deserialization of Untrusted Data vulnerability
InvokeAI Deserialization of Untrusted Data vulnerability
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3rc2.
OSV
InvokeAI Deserialization of Untrusted Data vulnerability
osv·2025-03-21
CVE-2024-12029 [CRITICAL] InvokeAI Deserialization of Untrusted Data vulnerability
InvokeAI Deserialization of Untrusted Data vulnerability
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3rc2.
OSV
CVE-2024-12029: A remote code execution vulnerability exists in invoke-ai/invokeai versions 5
osv·2025-03-20
CVE-2024-12029 CVE-2024-12029: A remote code execution vulnerability exists in invoke-ai/invokeai versions 5
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3.
No detection rules found.
No writeups or analysis indexed.
2025-03-20
Published