Critical Vulns Found in Ray Open Source Framework for AI/ML Workloads

Organizations using Ray, the open source framework for scaling artificial intelligence and machine learning workloads, are exposed to attacks via a trio of as yet unpatched vulnerabilities in the technology, researchers said this week.

Potentially Heavy Damage

The vulnerabilities give attackers a way to, among other things, gain operating system access to all nodes in a Ray cluster, enable remote code execution, and escalate privileges. The flaws present a threat to organizations that expose their Ray instances to the Internet or even a local network.

Researchers from Bishop Fox discovered the vulnerabilities and reported them to Anyscale - which sells a fully managed version of the technology - in August. Researchers from security vendor Protect AI also privately reported two of the same vulnerabilities to Anyscale previously. Anyscale has not addressed the flaws, says Berenice Flores Garcia, senior security consultant at Bishop Fox. "Their position is that the vulnerabilities are irrelevant because Ray is not intended for use outside of a strictly controlled network environment and claims to have this stated in their documentation," Garcia says. Anyscale did not immediately respond to a Dark Reading request for comment.

Ray is a technology that organizations can use to distribute the execution of complex, infrastructure-intensive AI and machine learning workloads. Many large organizations currently use the technology for building scalable new AI and machine learning applications. Amazon's AWS has integrated Ray into many of its cloud services and has positioned it as technology that organizations can use to accelerate the scaling of AI and ML apps.

Easy to Find and Exploit

The vulnerabilities that Bishop Fox reported to Anyscale pertain to improper authentication and input validation in Ray Dashboard, Ray Client, and potentially other components. The vulnerabilities affect Ray versions 2.6.3 and 2.8.0 and give attackers a way to obtain any data, scripts, or files stored in a Ray cluster. "If the Ray framework is installed in the cloud, it is possible to retrieve highly privileged IAM credentials that allow privilege escalation," Bishop Fox said in its report.

The three vulnerabilities that Bishop Fox reported to Anyscale are CVE-2023-48023, a remote code execution vulnerability tied to missing authentication for a critical function; CVE-2023-48022, a server-side request forgery vulnerability in the Ray Dashboard API that enables RCE; and CVE-2023-6021, an insecure input validation error that also enables a remote attacker to execute malicious code on an affected system. Bishop Fox's report on the three vulnerabilities included details on how an attacker could potentially exploit the flaws to execute arbitrary code.

The vulnerabilities are easy to exploit, and attackers do not require a high level of technical skills to take advantage of them, Garcia says. "An attacker only requires remote access to the vulnerable component ports - ports 8265 and 10001 by default - from the Internet or from a local network," and some basic Python knowledge, she says. "The vulnerable components are very easy to find if the Ray Dashboard UI is exposed. This is the gate to exploit the three vulnerabilities included in the advisory," she adds. According to Garcia, if the Ray Dashboard is not detected, a more specific fingerprint of the service ports would be required to identify the vulnerable ports. "Once the vulnerable components are identified, they are very easy to exploit following the steps from the advisory," Garcia says.

Bishop Fox's advisory shows how an attacker could exploit the vulnerabilities to obtain a private key and highly privileged credentials from an AWS cloud account where Ray is installed. The flaws affect all organizations that expose the software to the Internet or local network.

Controlled Network Environment

Though Anyscale did not respond to Dark Reading, the company's documentation states the need for organizations to deploy Ray clusters in a controlled network environment. "Ray expects to run in a safe network environment and to act upon trusted code," the documentation states. It mentions the need for organizations to ensure that network traffic between Ray components happens in an isolated environment and to have strict network controls and authentication mechanisms when accessing additional services. "Ray faithfully executes code that is passed to it - Ray doesn't differentiate between a tuning experiment, a rootkit install, or an S3 bucket inspection," the company noted. "Ray developers are responsible for building their applications with this understanding in mind."
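The article ties the exposure to the Ray Dashboard and Ray Client ports (8265 and 10001 by default) being reachable from outside a controlled network. As an added example (not from the article, Bishop Fox or Anyscale), the Python below audits `ss -ltn` output from one of your own Ray hosts and flags those ports when they are bound to anything other than loopback; the sample output and the function names are constructed for illustration.

```python
import ipaddress

# Default ports named in the article: Ray Dashboard (8265), Ray Client (10001).
RAY_PORTS = {8265: "Ray Dashboard", 10001: "Ray Client"}

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    127.0.0.1:8265      0.0.0.0:*
LISTEN 0      128    0.0.0.0:10001       0.0.0.0:*
LISTEN 0      128    [::]:22             [::]:*
LISTEN 0      128    10.0.3.7:8265       0.0.0.0:*
LISTEN 0      128    [::1]:10001         [::]:*
"""

def split_local(field):
    """Split 'addr:port' (IPv4, bracketed IPv6, or '*') into (addr, port)."""
    addr, _, port = field.rpartition(":")
    return addr.strip("[]"), int(port)

def classify(addr):
    """Return 'loopback', 'all-interfaces', 'private' or 'public'."""
    if addr == "*":
        return "all-interfaces"
    ip = ipaddress.ip_address(addr.split("%")[0])  # drop any %iface scope
    if ip.is_loopback:
        return "loopback"
    if ip.is_unspecified:  # 0.0.0.0 or :: means every interface
        return "all-interfaces"
    return "private" if ip.is_private else "public"

def exposed_ray_listeners(ss_output):
    """List (service, port, bind address, scope) for non-loopback Ray ports."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue  # header or non-listening row
        addr, port = split_local(cols[3])
        scope = classify(addr)
        if port in RAY_PORTS and scope != "loopback":
            findings.append((RAY_PORTS[port], port, addr, scope))
    return findings

if __name__ == "__main__":
    for name, port, addr, scope in exposed_ray_listeners(SAMPLE_SS):
        print(f"{name} port {port} listens on {addr} ({scope})")
```

A non-loopback bind is a prompt to confirm that firewall rules or security groups restrict the port to the isolated cluster network, since Ray nodes legitimately talk to each other over the network.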

This Cyber News was published on www.darkreading.com. Publication date: Thu, 30 Nov 2023 20:25:01 +0000

