Adversarial Robustness Toolbox Command-Line Argument Injection Vulnerability in Kubeflow Component Allowing Arbitrary Code Execution
Vulnerability
A command-line argument injection vulnerability has been identified in the Adversarial Robustness Toolbox (ART) versions through 1.20.1, specifically within the Kubeflow component's script 'robustness_evaluation_fgsm_pytorch.py'. The vulnerability arises because the script uses the unsafe 'eval()' function to process string values from the '--clip_values' and '--input_shape' command-line arguments. This flaw enables an attacker to inject arbitrary Python code into these arguments, which will be executed when 'eval()' is invoked. The vulnerability can be exploited remotely if an attacker can manipulate these arguments, such as through pipeline configuration or automated scripts, leading to arbitrary code execution on the system running the ART evaluation.
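The unsafe pattern the advisory describes, next to a hardened replacement, as an added example that is not ART's own code: only the two argument names and the use of eval() come from the advisory; the function names, defaults and argparse wiring below are assumptions for illustration. The safe version uses ast.literal_eval, which only accepts Python literals (numbers, strings, tuples and so on) and rejects calls, names and attribute access, and then checks the result is a tuple of plain numbers of the expected length.

```python
import argparse
import ast
from functools import partial
from typing import Optional, Sequence, Tuple, Type

# Added illustration, not the ART project's own code. It contrasts the
# unsafe pattern named in the advisory (eval() over a CLI string) with a
# parser that accepts only numeric tuple literals.


def parse_tuple_unsafe(text: str) -> tuple:
    """The vulnerable pattern: eval() executes whatever expression `text` holds."""
    return eval(text)  # never do this with user-controlled input


def parse_numeric_tuple(text: str,
                        length: Optional[int] = None,
                        numeric: Tuple[Type, ...] = (int, float)) -> tuple:
    """Parse a tuple literal such as '(0.0, 1.0)' or '(1, 28, 28)' without executing code.

    ast.literal_eval only evaluates literal syntax, so a call, a name or an
    attribute lookup inside the string raises instead of running.
    """
    try:
        value = ast.literal_eval(text)
    except (ValueError, SyntaxError, TypeError, MemoryError, RecursionError) as exc:
        raise ValueError(f"not a literal: {text!r}") from exc
    if not isinstance(value, tuple):
        raise ValueError(f"expected a tuple literal, got {type(value).__name__}")
    # bool is a subclass of int, so exclude it explicitly
    if not all(isinstance(v, numeric) and not isinstance(v, bool) for v in value):
        raise ValueError(f"tuple elements must be {numeric}, got {value!r}")
    if length is not None and len(value) != length:
        raise ValueError(f"expected {length} elements, got {len(value)}")
    return value


def build_parser() -> argparse.ArgumentParser:
    """CLI with the two arguments named in the advisory, using the safe parser.

    argparse treats a ValueError from the `type` callable as an invalid value.
    The defaults are assumed for illustration only.
    """
    parser = argparse.ArgumentParser(
        description="FGSM robustness evaluation (hardened argument handling)")
    parser.add_argument("--clip_values",
                        type=partial(parse_numeric_tuple, length=2),
                        default=(0.0, 1.0),
                        help="(min, max) input range, e.g. '(0.0, 1.0)'")
    parser.add_argument("--input_shape",
                        type=partial(parse_numeric_tuple, numeric=(int,)),
                        default=(1, 28, 28),
                        help="input tensor shape, e.g. '(1, 28, 28)'")
    return parser


def parse_cli(argv: Sequence[str]) -> Optional[dict]:
    """Return the parsed arguments as a dict, or None if argparse rejected them."""
    try:
        ns = build_parser().parse_args(list(argv))
    except SystemExit:  # argparse calls sys.exit() on an invalid value
        return None
    return vars(ns)


if __name__ == "__main__":
    import sys
    print(parse_cli(sys.argv[1:]))
```

Run it as `python hardened_args.py --clip_values "(0.0, 255.0)" --input_shape "(3, 32, 32)"` and the tuples come back as plain Python values; pass a string containing a call or a name and argparse exits with a usage error before any evaluation takes place. The same replacement applies to any script that reads structured values from pipeline parameters or environment variables: parse with ast.literal_eval (or json.loads), then validate type, element type and length explicitly.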
Impact
Exploitation of this vulnerability allows for arbitrary code execution on the system where the affected ART evaluation is conducted.
