Cyber Posture

CVE-2025-57622

Critical

Published: 03 March 2026

Modified: 12 March 2026
KEV Added:
Patch:
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0046 (64.4th percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Description

An issue in Step-Video-T2V allows a remote attacker to execute arbitrary code via the /vae-api, /caption-api, feature = pickle.loads(request.get_data()) component.

Mitigating Controls (NIST 800-53 r5) · AI

prevent

Requires validation and sanitization of all inputs, directly preventing malicious pickle deserialization payloads from being processed in the /vae-api and /caption-api endpoints.

prevent · recover

Mandates timely identification, reporting, and correction of flaws like unsafe pickle.loads on untrusted data, addressing the root cause of this RCE vulnerability.

prevent · detect

Enforces boundary protection mechanisms such as web application firewalls to inspect and block crafted requests targeting the vulnerable deserialization endpoints.

Security Summary · AI

CVE-2025-57622 is a critical vulnerability (CVSS score 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting Step-Video-T2V, an open-source project from stepfun-ai. The flaw arises from unsafe deserialization of untrusted data via the feature = pickle.loads(request.get_data()) mechanism in the /vae-api and /caption-api components, mapped to CWE-502 (Deserialization of Untrusted Data). Published on 2026-03-03, it enables remote arbitrary code execution on affected instances running this software.

Any unauthenticated remote attacker with network access can exploit this vulnerability with low complexity and no user interaction required. Exploitation involves sending crafted requests to the vulnerable endpoints, triggering the deserialization of malicious pickle data and resulting in arbitrary code execution on the server. This yields high-impact consequences across confidentiality, integrity, and availability.

The vulnerability is detailed in the Step-Video-T2V GitHub repository, including the source code at https://github.com/stepfun-ai/Step-Video-T2V/blob/main/api/call_remote_server.py and issue tracker at https://github.com/stepfun-ai/Step-Video-T2V/issues/65. No specific patches, vendor advisories, or mitigation guidance are outlined in these references.
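A static check for the pattern described above, as an added example (not code from this page or from the Step-Video-T2V project): it parses Python source and flags pickle.load / pickle.loads calls whose argument comes from a request object. The handler source in SAMPLE is constructed for illustration, and the taint tracking is a simple flow-insensitive pass over direct assignments.

```python
import ast

UNSAFE = {"load", "loads"}  # pickle entry points that can run code from their input

def _touches_request(node, tainted):
    """True if the expression reads `request` or a name derived from it."""
    return any(isinstance(n, ast.Name) and (n.id == "request" or n.id in tainted)
               for n in ast.walk(node))

def find_unsafe_pickle(source):
    """Return sorted (line, call text) for pickle.load(s) fed by request data."""
    tree = ast.parse(source)
    tainted = set()
    assigns = sorted((n for n in ast.walk(tree) if isinstance(n, ast.Assign)),
                     key=lambda n: n.lineno)
    for a in assigns:  # flow-insensitive: any name assigned from request data
        if _touches_request(a.value, tainted):
            tainted.update(t.id for t in a.targets if isinstance(t, ast.Name))
    findings = []
    for n in ast.walk(tree):
        if (isinstance(n, ast.Call) and isinstance(n.func, ast.Attribute)
                and n.func.attr in UNSAFE
                and isinstance(n.func.value, ast.Name) and n.func.value.id == "pickle"
                and any(_touches_request(arg, tainted) for arg in n.args)):
            findings.append((n.lineno, ast.get_source_segment(source, n)))
    return sorted(findings)

# Constructed sample (not the project's code); the last two calls must not be flagged.
SAMPLE = '''
import json, pickle
from flask import request
def vae_api():
    feature = pickle.loads(request.get_data())
    return feature

def caption_api():
    body = request.get_data()
    return pickle.loads(body)

def load_cache(path):
    with open(path, "rb") as fh:
        return pickle.load(fh)

def json_api():
    return json.loads(request.get_data())
'''
if __name__ == "__main__":
    for line, call in find_unsafe_pickle(SAMPLE):
        print(f"line {line}: {call}  <- untrusted bytes reach pickle (CWE-502)")
```

Call sites this reports are candidates for moving to a data-only wire format with an explicit schema, since pickle input cannot be made safe by filtering its content.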

Details

CWE(s)

MITRE ATT&CK Enterprise Techniques · AI

T1190: Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability allows unauthenticated remote attackers to exploit a public-facing web API endpoint (/vae-api and /caption-api) via unsafe deserialization, enabling arbitrary code execution, which directly maps to T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
