AWS Warns of ‘ShellTorch’ Issue Affecting Code Related to AI Models

October 3, 2023 | Amazon Web Services (AWS) has issued a warning regarding a vulnerability affecting TorchServe, a tool used by major companies to incorporate artificial intelligence (AI) models into their operations. The bug, named CVE-2023-43654 and part of a set of vulnerabilities named “ShellTorch” by researchers from Oligo, exposes important administrative tools to the open internet. Oligo discovered that hackers could potentially view, modify, steal, or delete AI models and sensitive data between a company and the TorchServe server. The vulnerabilities highlight the risks associated with AI models relying heavily on open-source software. AWS urges users to update TorchServe to resolve the issue.

Read full article

Newsletter Signup

Stay up-to-date on the latest resources and news from CRITICALSTART.
Benchmark your cybersecurity against peers with our Free Quick Start Risk Assessments tool!
This is default text for notification bar