cbcvebase.
CVE-2024-12029
published 2025-03-20

CVE-2024-12029: A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises…

PriorityP274critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
5.34%
91.6th percentile
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3.

Affected

4 ranges
VendorProductVersion rangeFixed in
invoke-aiinvoke-ai_invokeai>= 0 < 756008dc5899081c5aa51e5bd8f24c1b3975a59e756008dc5899081c5aa51e5bd8f24c1b3975a59e
invoke-aiinvoke-ai_invokeai>= 5.3.1 < 5.4.3rc25.4.3rc2
invoke-aiinvoke-ai_invokeai>= 5.3.1 < 5.4.3rc15.4.3rc1
invoke-aiinvoke-ai_invokeai>= unspecified < 5.4.35.4.3

Detection & IOCsextracted from sources · hover to see the quote

url/api/v2/models/install
path/api/v2/models/install
commandtorch.load
  • Monitor HTTP requests to the /api/v2/models/install endpoint for externally supplied model URLs, which may indicate exploitation attempts.
  • Alert on model files being loaded via torch.load on the server side, especially those originating from user-supplied URLs, as they may contain embedded malicious code.
  • A Metasploit module exists for this CVE; watch for exploit framework signatures or payloads targeting InvokeAI's model install API.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.