{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/cpes/cpe2.3alinuxfoundationonnx1.17.0/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:linuxfoundation:onnx:1.17.0:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":8.8,"id":"CVE-2025-51480"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["ONNX 1.17.0"],"_cs_severities":["high"],"_cs_tags":["path-traversal","file-overwrite","onnx"],"_cs_type":"advisory","_cs_vendors":["Microsoft","ONNX"],"content_html":"\u003cp\u003eA path traversal vulnerability, identified as CVE-2025-51480, exists within the onnx.external_data_helper.save_external_data component of ONNX (Open Neural Network Exchange) version 1.17.0. This flaw enables a malicious actor to overwrite arbitrary files on the system by crafting a specific external_data.location path. This crafted path incorporates traversal sequences (e.g., \u0026ldquo;../\u0026rdquo;) which are designed to bypass intended directory restrictions. This vulnerability can be exploited if an attacker can control the external data location, potentially leading to arbitrary file overwrite and subsequent system compromise.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a malicious ONNX model containing a specially crafted \u003ccode\u003eexternal_data.location\u003c/code\u003e path.\u003c/li\u003e\n\u003cli\u003eThe crafted \u003ccode\u003eexternal_data.location\u003c/code\u003e path includes path traversal sequences (e.g., \u0026ldquo;../\u0026rdquo;) to navigate outside the intended directory.\u003c/li\u003e\n\u003cli\u003eThe attacker provides this malicious ONNX model to a system running ONNX 1.17.0.\u003c/li\u003e\n\u003cli\u003eThe vulnerable \u003ccode\u003eonnx.external_data_helper.save_external_data\u003c/code\u003e function processes the malicious model.\u003c/li\u003e\n\u003cli\u003eDue to the path traversal vulnerability, the function bypasses intended directory restrictions.\u003c/li\u003e\n\u003cli\u003eThe function attempts to save external data to the attacker-controlled path specified in the \u003ccode\u003eexternal_data.location\u003c/code\u003e field.\u003c/li\u003e\n\u003cli\u003eThe attacker overwrites arbitrary files on the system with attacker-controlled data.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2025-51480 allows an attacker to overwrite arbitrary files on the system where ONNX 1.17.0 is installed. This can lead to various malicious outcomes, including modification of critical system files, planting backdoors, or corrupting application data. The potential impact ranges from denial of service to complete system compromise, depending on the nature of the overwritten files.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to a patched version of ONNX that addresses CVE-2025-51480.\u003c/li\u003e\n\u003cli\u003eApply input validation and sanitization to any user-supplied or external data used to construct file paths within ONNX models.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule detecting path traversal attempts to the webserver logs.\u003c/li\u003e\n\u003cli\u003eMonitor file system events for suspicious file overwrites, especially involving files referenced in the Sigma rule.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-23T07:59:48Z","date_published":"2026-05-23T07:59:48Z","id":"https://feed.craftedsignal.io/briefs/2026-05-onnx-path-traversal/","summary":"CVE-2025-51480 is a path traversal vulnerability in ONNX 1.17.0 that allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences.","title":"ONNX Path Traversal Vulnerability (CVE-2025-51480)","url":"https://feed.craftedsignal.io/briefs/2026-05-onnx-path-traversal/"}],"language":"en","title":"CraftedSignal Threat Feed — Cpe:2.3:a:linuxfoundation:onnx:1.17.0:*:*:*:*:*:*:*","version":"https://jsonfeed.org/version/1.1"}