Vulnerabilities > CVE-2024-0654 - Deserialization of Untrusted Data vulnerability in Iperov Deepfacelab Df.Wf.288Res.384.92.72.22

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

iperov

CWE-502

NVD

Published: 2024-01-18

Updated: 2024-04-11

Summary

A vulnerability, which was classified as problematic, was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. Affected is an unknown function of the file mainscripts/Util.py. The manipulation leads to deserialization. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-251382 is the identifier assigned to this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Iperov Iperov Deepfacelab Df.Wf.288Res.384.92.72.22	1

Common Weakness Enumeration (CWE)

CWE-502 - Deserialization of Untrusted Data

References

https://vuldb.com/?id.251382
https://vuldb.com/?ctiid.251382
https://github.com/bayuncao/vul-cve-4
https://github.com/bayuncao/vul-cve-4/blob/main/picture/1071705290840_.pic_hd.jpg