Control summary
What this defense is meant to help prevent.
Vulnerability scanning is used to find potentially exploitable software vulnerabilities so that they can be remediated.
File formats such as pickle files that are commonly used to store AI models can contain exploits that allow for arbitrary code execution. These files should be scanned for potentially unsafe calls, which could be used to execute code, create new processes, or establish networking capabilities. Adversaries may embed malicious code in corrupt model files, so scanners should be capable of working with models that cannot be fully de-serialized. Model artifacts, downstream products produced by models, and external software dependencies should be scanned for known vulnerabilities.
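The paragraph above describes the scanner property that matters most for pickle-based model files: it must inspect the stream for unsafe calls without de-serializing it, and it must keep working on a file that is truncated or corrupt. The following is an added example of such a static scanner, not ATLAS code or any vendor's tool. It walks the opcode stream with `pickletools.genops` (which never executes anything), records every importable name the stream would resolve and every opcode that would invoke a callable, and returns whatever it found before a corrupt stream stopped parsing. The module deny/allow lists and the sample streams are constructed for illustration and are not a vetted policy.

```python
"""
Static opcode scan of pickle-based model files (added example, not ATLAS code).

The scanner never calls pickle.load. It walks the opcode stream with
pickletools.genops, records every importable name the stream would resolve
(GLOBAL / INST / STACK_GLOBAL) and every opcode that would invoke a callable
(REDUCE, OBJ, NEWOBJ, ...), and keeps partial findings when the stream is
truncated or corrupt. Module lists are constructed examples, not a policy.
"""
import io
import pickle
import pickletools

IMPORT_OPS = {"GLOBAL", "INST", "STACK_GLOBAL"}
CALL_OPS = {"REDUCE", "OBJ", "NEWOBJ", "NEWOBJ_EX", "INST", "BUILD"}
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}

# Constructed policy: top-level modules a model file has no business importing,
# and modules that ordinary ML serialisation legitimately references.
DENY_MODULES = {"os", "posix", "nt", "subprocess", "sys", "builtins", "socket",
                "shutil", "importlib", "runpy", "code", "codecs", "ctypes", "pty"}
ALLOW_MODULES = {"torch", "numpy", "collections", "sklearn", "copyreg", "_codecs"}


def scan_pickle(data: bytes) -> dict:
    """Return findings, call count, truncation flag and a verdict without executing the stream."""
    findings = []
    recent_strings = []   # last two string arguments, used to resolve STACK_GLOBAL
    calls = 0
    truncated = False
    try:
        for opcode, arg, pos in pickletools.genops(io.BytesIO(data)):
            if opcode.name in STRING_OPS:
                recent_strings = (recent_strings + [arg])[-2:]
            if opcode.name in IMPORT_OPS:
                if opcode.name == "STACK_GLOBAL":
                    # STACK_GLOBAL takes module and name from the two preceding strings
                    module, qual = recent_strings if len(recent_strings) == 2 else ("?", "?")
                else:
                    # GLOBAL / INST carry "module name" as one argument
                    module, _, qual = arg.partition(" ")
                root = module.split(".")[0]
                severity = ("high" if root in DENY_MODULES
                            else "info" if root in ALLOW_MODULES else "medium")
                findings.append({"pos": pos, "op": opcode.name,
                                 "ref": f"{module}.{qual}", "severity": severity})
            if opcode.name in CALL_OPS:
                calls += 1
    except ValueError:
        # genops raises ValueError on a truncated or malformed stream;
        # everything parsed up to that point is still reported.
        truncated = True

    severities = {f["severity"] for f in findings}
    if "high" in severities:
        verdict = "block"
    elif "medium" in severities or truncated:
        verdict = "review"
    else:
        verdict = "allow"
    return {"findings": findings, "calls": calls, "truncated": truncated, "verdict": verdict}


# Constructed sample streams; none of them is ever unpickled.
_BENIGN = pickle.dumps({"weights": [0.1, 0.2], "layers": 2}, protocol=4)
SAMPLES = {
    "benign": _BENIGN,                                   # plain data, no imports
    "global_os": b"cos\nsystem\n.",                      # protocol-0 GLOBAL resolving os.system
    "stack_global": b"\x80\x04\x8c\x0asubprocess\x8c\x05Popen\x93.",  # protocol-4 STACK_GLOBAL
    "truncated": _BENIGN[:-6],                           # file cut off mid-stream
}


def scan_samples() -> dict:
    """Verdict per sample, for a quick self-check."""
    return {name: scan_pickle(blob)["verdict"] for name, blob in SAMPLES.items()}


if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        result = scan_pickle(blob)
        print(f"{name:13s} verdict={result['verdict']:6s} truncated={result['truncated']} "
              f"calls={result['calls']} refs={[f['ref'] for f in result['findings']]}")
```

The allow-list only reduces review noise for imports that model frameworks emit routinely; a denied module anywhere in the stream still blocks, and a stream that could not be parsed to its STOP opcode is never auto-allowed, since the unparsed tail is exactly where a corrupt-file trick would sit.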
- ATLAS ID: AML.M0016
- ATT&CK external ID: M1016
- Priority score: 15
Covered techniques
Attacks this defense is designed to help with.
AML.T0011.001 - Malicious Package
Vulnerability scanning can help identify malicious packages and prevent user execution.
AML.T0011.000 - Unsafe AI Artifacts
Vulnerability scanning can help identify malicious AI artifacts, such as models or data, and prevent user execution.
AML.T0011 - User Execution
Vulnerability scanning can help identify malicious binaries and prevent user execution.