CVE-2024-12652
Published: 26 December 2024
Summary
CVE-2024-12652 is a critical-severity Code Injection (CWE-94) vulnerability in Intumit Smartrobot. Its CVSS base score is 9.3 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059); ranked in the top 24.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as Enterprise AI Assistants; in the Other ATLAS/OWASP Terms risk domain; MITRE ATLAS techniques in scope: AI Supply Chain Compromise (AML.T0010), Obtain Capabilities (AML.T0016), Exfiltration via AI Inference API (AML.T0024).
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-51026
Vulnerability details
A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system commands via Groovy code.
- CWE(s)
AI Security AnalysisAI
- AI Category
- Enterprise AI Assistants
- Risk Domain
- Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- The vulnerability affects SmartRobot's Conversational AI Platform, which is an enterprise-grade platform for conversational AI, fitting the Enterprise AI Assistants category due to its focus on AI-driven chat and interaction capabilities.
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Code injection in Groovy script function enables remote authenticated users to execute arbitrary system commands, facilitating T1059 (Command and Scripting Interpreter) via Groovy/script execution and T1210 (Exploitation of Remote Services) as an RCE vulnerability in a remote platform service.
MITRE ATLAS TechniquesAI
MITRE ATLAS techniques
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Makes persistent code injection into loaded programs impossible when the executable image itself resides on hardware-protected read-only media.
Dynamically generated code can be produced and executed inside the isolated chamber, preventing host compromise from code-injection payloads.
Validates inputs used in dynamic code generation to block injected directives.
Directly prevents execution of attacker-supplied code written into data memory regions.