A researcher has discovered a vulnerability in PyTorch – an open-source machine-learning framework. The vulnerability, registered as CVE-2025-32434, belongs to the Remote Code Execution (RCE) class, and has a 9.3 CVSS rating, meaning it’s categorized as critical. Exploitation of CVE-2025-32434 under certain conditions allows an attacker to run arbitrary code when a malicious AI model is being loaded on the victim’s computer. Anyone using PyTorch is advised to update the framework to the latest version as soon as possible.
The CVE-2025-32434 vulnerability
Among other things, the PyTorch framework allows users to save trained models to a file that stores the weights, and to load them from the file using the torch.load() function. Trained models are often shared via various public repositories and, theoretically, they can contain malicious implants. Therefore, the official documentation of the PyTorch project recommends using the torch.load() function with the weights_only=True parameter for security purposes (this way, only primitive data types are loaded: dictionaries, tensors, lists, and so on).
The CVE-2025-32434 vulnerability exists due to an incorrectly implemented deserialization mechanism used when loading a model. The researcher who discovered it demonstrated that an attacker can craft a model file in such a way that the weights_only=True parameter has the exact opposite effect: loading this malicious model leads to arbitrary code execution that can compromise the environment in which the model is run.
How to stay safe?
The researcher didn’t publish a detailed method for exploiting this vulnerability, and at the moment there’s no evidence that someone is using CVE-2025-32434 in actual attacks. However, the very fact of releasing a patch always attracts both researchers and attackers to the problem, so proof-of-concept exploits are most likely already being developed.
The team responsible for developing the PyTorch framework released its update 2.6.0, in which the vulnerability CVE-2025-32434 was successfully fixed. All previous versions – up to 2.5.1 – remain vulnerable and should be updated as soon as possible. If this isn’t possible for some reason, the researchers recommend refraining from using the torch.load() function with the weights_only=True parameter, and temporarily switching to alternative methods of model loading.
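To find environments still on an affected release, the check below flags torch pins below 2.6.0 in requirements-style lines and checks the installed package. It is an added example, not code from PyTorch or from the researcher; the function names and sample lines are constructed, and treating 2.6.0 pre-releases as unpatched is an assumption.

```python
import re
from importlib import metadata
FIXED = (2, 6, 0)  # first fixed release named in the article
# Matches "torch" but not "torchvision"; captures the operator and the version.
PIN = re.compile(r"^torch(?![\w.-])\s*(?:\[[^\]]*\])?\s*(===|==|~=|>=|<=|!=|<|>)?\s*([^\s;,]+)?")

def parse_release(version):
    """Return (release tuple, is_prerelease); local tags like '+cu121' are ignored."""
    public = version.strip().lower().split("+", 1)[0]
    m = re.match(r"v?(\d+(?:\.\d+)*)(.*)$", public)
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    nums = tuple(int(p) for p in m.group(1).split("."))
    nums += (0,) * (3 - len(nums))  # "2.6" -> (2, 6, 0)
    pre = bool(re.match(r"[.\-_]?(a|b|rc|dev|alpha|beta)", m.group(2)))
    return nums, pre

def is_vulnerable(version):
    release, pre = parse_release(version)
    # Assumption: a 2.6.0 pre-release (rc/dev) is treated as unpatched.
    return release < FIXED or (release == FIXED and pre)

def audit(lines):
    """Classify each torch requirement line as vulnerable, fixed or review."""
    findings = []
    for raw in lines:
        m = PIN.match(raw.split("#", 1)[0].strip().lower())
        if not m:
            continue
        op, ver = m.groups()
        verdict = "review"  # unpinned or ranged: the resolver may pick <= 2.5.1
        if op in ("==", "===") and ver and "*" not in ver:
            verdict = "vulnerable" if is_vulnerable(ver) else "fixed"
        findings.append((raw, verdict))
    return findings

def installed_torch_vulnerable():
    """True/False for the installed torch, None when torch is not installed."""
    try:
        return is_vulnerable(metadata.version("torch"))
    except metadata.PackageNotFoundError:
        return None

# Constructed sample lines, as they might appear across several requirements files.
SAMPLE = ["numpy==1.26.4", "torch==2.5.1+cu121  # GPU build",
          "torchvision==0.20.1", "torch>=2.0", "torch==2.6.0"]

if __name__ == "__main__":
    print(*audit(SAMPLE), f"installed: {installed_torch_vulnerable()}", sep="\n")
```

Lines marked "review" are unpinned or ranged requirements, so the version actually installed has to be checked in the target environment.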
In addition, we recommend paying special attention to protecting virtual and cloud environments – the easiest way to do this is by using specialized solutions.