Cyber Resilience

CVE-2024-2007

Medium

Published: 21 March 2024

Published
21 March 2024
Modified
02 June 2025
KEV Added
Patch
CVSS Score v3.1 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS Score 0.0009 25.2th percentile
Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-2007 is a medium-severity an unspecified weakness vulnerability in Openbmb Xagent. Its CVSS base score is 5.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Escape to Host (T1611); ranked at the 25.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Supply Chain and Deployment risk domain.

EU & UK References

Vulnerability details

A vulnerability was found in OpenBMB XAgent 1.0.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Privileged Mode. The manipulation leads to sandbox issue. The attack needs to be approached locally.…

more

The exploit has been disclosed to the public and may be used. The identifier VDB-255265 was assigned to this vulnerability.

CWE(s)

AI Security AnalysisAI

AI Category
AI Agent Protocols and Integrations
Risk Domain
Supply Chain and Deployment
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
OpenBMB XAgent is an open-source AI agent framework utilizing LLMs for autonomous tasks in embodied environments, featuring tool integrations such as shell_command_executor executed in Docker containers. The vulnerability involves improper sandboxing in privileged Docker mode, enabling container escapes during tool execution.

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1611 Escape to Host Privilege Escalation
Adversaries may break out of a container or virtualized environment to gain access to the underlying host.
Why these techniques?

CVE-2024-2007 enables container escape from privileged Docker containers in OpenBMB XAgent via shell command execution (e.g., mounting host devices), directly facilitating T1611: Escape to Host.

Affected Assets

openbmb
xagent
1.0.0

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References