- Description: The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, to be loaded and executed during model loading.
- Source: cve-coordination@google.com
- NVD status: Received
CVSS 4.0
- Type: Secondary
- Base score: 7.3
- Impact score: -
- Exploitability score: -
- Vector string: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity: HIGH
- cve-coordination@google.com: CWE-94
- Hype score: Not currently trending
Safe mode? Still exploitable. 🔓 Our latest blog unpacks how Keras’s config.json can be weaponized even with safe_mode=True, no Lambda layer needed. 👀 CVE-2025-1550 + a fresh PoC using keras.utils.get_file Read it 👉 https://t.co/I8H34dk6WZ https://t.co/pElfNv0AH4
@huntr_ai
20 Jun 2025
Top 5 Trending CVEs: 1 - CVE-2025-37752 2 - CVE-2025-0995 3 - CVE-2025-1550 4 - CVE-2025-24203 5 - CVE-2025-32819 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
12 May 2025
Inside CVE-2025-1550: Remote Code Execution via Keras Models https://t.co/E8lqpn8Hc2 @huntr_ai
@tbbhunter
11 May 2025
Threat Alert: Keras Deep Learning Framework Hit by Arbitrary Code Execution Vulnerability (CVE-2025-1550) Severity: ⚠️ Critical Maturity: 💢 Emerging Learn more: https://t.co/2BYsxzMwVM #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
15 Mar 2025
🚨 A critical vulnerability (CVE-2025-1550) in Keras allows arbitrary code execution via Model.load_model, even in safe mode. Update to version 3.9+ and load models from trusted sources! 🔒 #Keras #DeepLearning #USA link: https://t.co/EWW6ZZwaBI https://t.co/ORKlgZPlzO
@TweetThreatNews
14 Mar 2025
🚨 CVE-2025-1550 🔴 HIGH (7.3) 🏢 Google - Keras 🏗️ 3.0.0 🔗 https://t.co/roTpZEoC39 #CyberCron #VulnAlert #InfoSec https://t.co/YAQdo1o40C
@cybercronai
11 Mar 2025