CVE-2025-23045

CVE-2025-23045 is a deserialization vulnerability (CWE-502) in the Computer Vision Annotation Tool (CVAT), an interactive video and image annotation tool for computer vision tasks. It affects CVAT deployments that run serverless functions of type "tracker" from the CVAT Git repository, specifically TransT and SiamMask. Custom tracker functions may also be vulnerable if they use unsafe serialization libraries such as pickle or jsonpickle. The flaw enables an attacker with an account on an affected CVAT instance to execute arbitrary code within the context of the Nuclio function container. The vulnerability has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and was published on 2025-01-28.

An authenticated attacker with a standard account on the CVAT instance can exploit this vulnerability remotely over the network with low complexity. By targeting the affected tracker functions, they can achieve remote code execution in the Nuclio container, potentially leading to high confidentiality, integrity, and availability impacts, such as data exfiltration, modification of annotation data, or container compromise.

Mitigation requires upgrading to CVAT version 2.26.0 or later, as detailed in the GitHub security advisory (GHSA-wq36-mxf8-hv62) and the fixing commit (563e1dfde64b15fa042b23f9d09cd854b35f0366). If upgrading is not feasible, administrators should immediately shut down any running instances of the TransT or SiamMask functions.