CVE-2024-45855: 
Python vulnerability analysis and mitigation

A deserialization vulnerability (CVE-2024-45855) exists in MindsDB platform versions 23.10.2.0 and newer. The vulnerability allows a maliciously uploaded 'inhouse' model to execute arbitrary code on the server when using the 'finetune' operation. This vulnerability was discovered and reported by HiddenLayer security researchers (HiddenLayer Advisory).

The vulnerability exists within the finetune method of the ModelWrapperUnsafe class in the mindsdb/integrations/handlers/byom_handler/byom_handler.py file. The issue stems from the unsafe use of pickle.loads on custom models built via the Build Your Own Model process. This vulnerability is only exploitable when the BYOM engine is configured to use 'inhouse' instead of the default 'venv' setting. The vulnerability has been assigned a CVSS v3.1 score of 7.1 (HIGH) with vector: AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H and is categorized as CWE-502: Deserialization of Untrusted Data (HiddenLayer Advisory, NVD).

If successfully exploited, this vulnerability allows authenticated attackers to execute arbitrary code on the server running the MindsDB platform. The impact is particularly severe as it could lead to complete system compromise, including potential data theft, system manipulation, or service disruption (HiddenLayer Advisory).

The vulnerability was addressed in July 2024 with updates to the project Github repository in version v24.7.4.1. Users are advised to upgrade to the latest version of MindsDB. Additionally, ensuring that the BYOM engine remains set to its default 'venv' setting rather than 'inhouse' can help prevent exploitation (HiddenLayer Advisory).