CVE-2024-12029

Remote Code Execution via Model Deserialization in invoke-ai/invokeai

CVSS 9.8 CRITICALEPSS 5.3%CWE-502

Vexday Risk Score

63High priority

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 9.8EPSS 5.3%KEV nãoPoC públicaNuclei —Metasploit simPatch —

Lifecycle

07 Feb 2025Metasploit module available

20 Mar 2025Published on NVD

15 Apr 2026Public PoC

Recommendation: Plan a near-term fix — a public PoC already exists.

A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

invoke-ai · invoke-ai/invokeai

public PoCs found — 1

githubgithub.com/Lu3ky13/Alternative-Approach-Reverse-Shell-Callback-Test-InvokeAI-RCE★ 0

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/invoke-ai/invokeai/commit/756008dc5899081c5aa51e5bd8f24c1b3975a59e https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3