CVE-2024-12029
CRITICAL
PyPI InvokeAI < 5.4.3rc2 - Insecure Deserialization
Title source: rule
Description
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3.
Exploits (2)
nomisec
WORKING POC
by Lu3ky13 · poc
https://github.com/Lu3ky13/Alternative-Approach-Reverse-Shell-Callback-Test-InvokeAI-RCE
metasploit
WORKING POC
EXCELLENT
by jackfromeast, Takahiro Yokoyama · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/invokeai_rce_cve_2024_12029.rb
Scores
CVSS v3: 9.8
EPSS: 0.4416
EPSS Percentile: 97.6%
Attack Vector: NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: yes
Technical Impact: total
Details
CWE: CWE-502
Status: published
Products (2)
invoke-ai/invoke-ai/invokeai: unspecified - 5.4.3
pypi/InvokeAI: 5.3.1 - 5.4.3rc2 (PyPI)
Published: Mar 20, 2025
Tracked Since: Feb 18, 2026