Wednesday, 3 September 2025
29.2 C
Singapore
29.2 C
Thailand
20.8 C
Indonesia
28.3 C
Philippines

Open-source machine learning systems face increasing security threats

Open-source machine learning tools face rising security threats, with recent findings highlighting critical vulnerabilities across key frameworks.

Recent research has uncovered significant security vulnerabilities in open-source machine learning (ML) frameworks, putting sensitive data and operations at risk. As ML adoption grows across industries, so does the urgency of addressing these threats. The vulnerabilities, identified in a report by JFrog, reveal gaps in ML security compared to more established systems like DevOps and web servers.

Critical vulnerabilities in ML frameworks

Open-source ML projects have seen a rise in security flaws, with JFrog reporting 22 vulnerabilities across 15 ML tools in recent months. Two primary concerns concern server-side components and privilege escalation risks within ML environments. These vulnerabilities could allow attackers to access sensitive files, gain unauthorised privileges, and compromise the entire ML workflow.

One significant flaw involves Weave, a Weights & Biases (W&B) tool that tracks and visualises ML model metrics. The WANDB Weave Directory Traversal vulnerability (CVE-2024-7340) allows attackers to exploit improper input validation in file paths. By doing so, they can access sensitive files, including admin API keys, enabling privilege escalation and potentially compromising ML pipelines.

Another affected tool is ZenML, which manages MLOps pipelines. A critical flaw in ZenML Cloud’s access control lets attackers with minimal access privileges escalate permissions. This could expose confidential data like secrets and model files, allowing attackers to manipulate pipelines, tamper with model data, or disrupt production environments dependent on these pipelines.

Risks of privilege escalation and data breaches

Other vulnerabilities highlight the risks of privilege escalation in ML systems. The Deep Lake Command Injection (CVE-2024-6507) found in the Deep Lake database is particularly severe. This database, designed for AI applications, suffers from improper command sanitisation, allowing attackers to execute arbitrary commands. Such breaches could compromise the database and connected applications, leading to remote code execution.

Vanna AI, a natural language SQL query generation tool, also has a serious vulnerability. The Vanna.AI Prompt Injection (CVE-2024-5565) flaw lets attackers inject malicious code into SQL prompts, which can result in remote code execution. This poses risks like manipulated visualisations, SQL injections, or data theft.

Mage.AI, an MLOps platform for managing data pipelines, is vulnerable to unauthorised shell access, file leaks, and path traversal issues. These flaws enable attackers to control pipelines, expose configurations, and execute malicious commands, risking privilege escalation and data integrity breaches.

The path forward

JFrog’s findings highlight a critical gap in MLOps security. Many organisations fail to integrate AI/ML security with broader cybersecurity strategies, leaving blind spots. Attackers can exploit these vulnerabilities to embed malicious code in models, steal data, or manipulate outputs, creating widespread disruptions.

As ML and AI continue transforming industries, securing their frameworks, datasets, and models is essential. Robust security practices must be prioritised to protect the innovations that drive this growing field.

Hot this week

FairPrice Group opens AI-powered Store of Tomorrow at Punggol Coast Mall

FairPrice Group has opened the world’s first AI-powered supermarket at Punggol Coast Mall, transforming shopping and staff experiences.

Escape from Tarkov set to launch on Steam as full release approaches

Escape from Tarkov will launch on Steam ahead of its 1.0 release in November 2025, following years of beta testing and controversy.

Sony resumes sales of Xperia 1 VII in Singapore after investigation

Sony resumes Xperia 1 VII sales in Singapore after an investigation and an enhanced manufacturing process to address a circuit board flaw.

FIFAe partners with Lenovo to power FIFAe Finals 2025 in Riyadh

FIFAe partners with Lenovo to power the FIFAe Finals 2025 in Riyadh, featuring top esports teams competing on Legion gaming devices.

ChatGPT to introduce parental controls as AI safety concerns rise

OpenAI is introducing parental controls for ChatGPT, addressing growing concerns about the safety of AI chatbots and their impact on young users.

Amazon launches new AWS region in New Zealand

Amazon launches its first AWS infrastructure region in New Zealand, investing NZ$7.5b to boost jobs, cloud services, and sustainability.

Global Anti-Scam Summit Asia 2025 launches major initiatives to fight online fraud

Global Anti-Scam Summit Asia 2025 in Singapore unveils new initiatives to fight scams with technology, funding, and cross-border collaboration.

Google Play Games to introduce new profiles with stats and social features

Google is introducing new Play Games profiles on Android, featuring gaming stats, achievements, and social tools, rolling out from 23 September.

China enforces mandatory AI content labels on major social media platforms

China’s major social media platforms are now required to label AI-generated content under a new law aimed at curbing misinformation and enhancing oversight.

Related Articles

Popular Categories