Image by standret, from Freepik

Critical Security Flaw Discovered In Meta’s AI Framework

• Written by Kiara Fabbri Former Tech News Writer
• Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

A severe security vulnerability, CVE-2024-50050, has been identified in Meta’s open-source framework for generative AI, known as Llama Stack.

In a Rush? Here are the Quick Facts!

• The vulnerability, CVE-2024-50050, allows remote code execution via untrusted deserialized data.
• Meta patched the issue in version 0.0.41 with a safer Pydantic JSON implementation.
• The vulnerability scored 9.3 (critical) on CVSS 4.0 due to its exploitability.

The flaw, disclosed by the Oligo Research team , could allow attackers to remotely execute malicious code on servers using the framework. The vulnerability, caused by unsafe handling of serialized data, highlights the ongoing challenges of securing AI development tools.

Llama Stack, introduced by Meta in July 2024, supports the development and deployment of AI applications built on Meta’s Llama models. The research team explains that the flaw lies in its default server, which uses Python’s pyzmq library to handle data.

A specific method, recv_pyobj, automatically processes data with Python’s insecure pickle module. This makes it possible for attackers to send harmful data that runs unauthorized code. The researchers say that when exposed over a network, servers running the default configuration become vulnerable to remote code execution (RCE).

Such attacks could result in resource theft, data breaches, or unauthorized control over AI systems. The vulnerability was assigned a critical CVSS score of 9.3 (out of 10) by security firm Snyk, although Meta rated it as medium severity at 6.3, as reports by Oligo.

Oligo researchers uncovered the flaw during their analysis of open-source AI frameworks. Despite Llama Stack’s rapid rise in popularity—it went from 200 GitHub stars to over 6,000 within months—the team flagged the risky use of pickle for deserialization, a common cause of RCE vulnerabilities.

To exploit the flaw, attackers could scan for open ports, send malicious objects to the server, and trigger code execution during deserialization. Meta’s default implementation for Llama Stack’s inference server proved particularly susceptible.

Meta quickly addressed the issue after Oligo’s disclosure in September 2024. By October, a patch was released, replacing the insecure pickle-based deserialization with a safer, type-validated JSON implementation using the Pydantic library. Users are urged to upgrade to Llama Stack version 0.0.41 or higher to secure their systems.

The maintainers of pyzmq, the library used in Llama Stack, also updated their documentation to warn against using recv_pyobj with untrusted data.

This incident underscores the risks of using insecure serialization methods in software. Developers are encouraged to rely on safer alternatives and regularly update libraries to mitigate vulnerabilities. For AI tools like Llama Stack, robust security measures remain vital as these frameworks continue to power critical enterprise applications.

Image by Ars Electronica, from Unsplash

Portland Police Deploy Robot Dog For High-Risk Operation

• Written by Kiara Fabbri Former Tech News Writer
• Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

The Portland Police Bureau has introduced a new addition to its equipment: a robotic dog named “Spot,” developed by Boston Dynamics.

In a Rush? Here are the Quick Facts!

• Spot can navigate stairs, debris, and hazardous areas, reducing risks for responders.
• The robot is operated remotely and equipped with cameras, microphones, and sensors.
• Spot is unarmed, not AI-powered, and will not be used for patrol duties.

During a press conference on Thursday, first reported by KPTV , police outlined several uses for the robot, including bomb disposal and assisting in situations involving armed suspects by delivering a phone for communication with crisis negotiators.

Spot is a quadruped robot capable of navigating uneven terrain, stairs, and other challenging spaces where traditional tracked robots may struggle. Operated via remote control, it is equipped with limited collision-avoidance technology but is not powered by AI, as reported by K103 .

Spot can climb stairs, open doors, pick up objects, and maneuver through obstacles with minimal input, offering responders additional options in emergencies. It is unarmed and will not be used for patrols.

The robot will primarily assist MEDU, a specialized team trained to respond to chemical, biological, radiological, nuclear, and explosive threats in the Portland metropolitan area. Spot will be deployed in situations involving potential explosives, hazardous materials, or armed suspects.

It can also serve in rescue operations, such as searching through debris, where it reduces risk to human responders. Equipped with cameras, microphones, and sensors, Spot can investigate suspicious items, monitor air quality, and act as a communication conduit during critical incidents.

K103 reported that Spot was purchased in November 2024 for approximately $150,000 using FEMA grant funds, Spot is designed to assist in hazardous and complex environments.

Spot underwent scenario testing at the new Portland International Airport terminal before its deployment, ensuring its suitability for complex environments like airplanes, mass transit, and disaster-damaged areas. It provides law enforcement and emergency responders with a tool for safely accessing spaces that would otherwise pose significant risks.

Similar robotic technology is already in use in Oregon, with the National Guard employing it for patrols and Oregon State University researchers using it on Mt. Hood for space exploration studies, as reported by KPTV.