October 3, 2023 | Amazon Web Services (AWS) has issued a warning regarding a vulnerability affecting TorchServe, a tool used by major companies to incorporate artificial intelligence (AI) models into their operations. The bug, named CVE-2023-43654 and part of a set of vulnerabilities named “ShellTorch” by researchers from Oligo, exposes important administrative tools to the open internet. Oligo discovered that hackers could potentially view, modify, steal, or delete AI models and sensitive data between a company and the TorchServe server. The vulnerabilities highlight the risks associated with AI models relying heavily on open-source software. AWS urges users to update TorchServe to resolve the issue.
Read full article
