Cyber Resilience

CVE-2024-56137

Medium · Public PoC · RCE

Published: 02 January 2025

Modified: 01 August 2025
KEV Added
Patch
CVSS Score v3.1: 6.8 (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0584 (90.7th percentile)
Risk Priority: 17 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-56137 is a medium-severity OS Command Injection (CWE-78) vulnerability in MaxKB. Its CVSS base score is 6.8 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210). The CVE ranks in the top 9.3% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

This vulnerability is AI-related: it is categorised under LLM Application Platforms, in the Supply Chain and Deployment risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

MaxKB is an open source knowledge base question-answering system built on large language models and retrieval-augmented generation. Prior to version 1.9.0 it contained a remote command execution flaw in the function library module, tracked as CWE-78, that allowed operating system commands to be run via custom scripts. The vulnerability received a CVSS 3.1 score of 6.8 with the vector AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H.

An attacker must already possess privileged credentials and the ability to reach the application over the network. By supplying a malicious script in the function library, the attacker can execute arbitrary operating system commands, resulting in full compromise of the confidentiality, integrity, and availability of the affected instance.

The GitHub advisory GHSA-76w2-2g72-cg85 states that the issue is resolved in release 1.9.0. The associated EPSS score has remained flat at 0.0584 with no material increase after disclosure.

EU & UK References

Vulnerability details

MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the function library module. The vulnerability allows privileged users to execute OS commands in custom scripts. The vulnerability has been fixed in v1.9.0.

CWE(s)

AI Security Analysis AI

AI Category: LLM Application Platforms
Risk Domain: Supply Chain and Deployment
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: large language model

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1210 Exploitation of Remote Services (Lateral Movement): Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
T1059 Command and Scripting Interpreter (Execution): Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
Why these techniques?

The RCE vulnerability enables privileged users to remotely execute arbitrary OS commands via custom scripts in the function library module, facilitating T1210 (Exploitation of Remote Services) and T1059 (Command and Scripting Interpreter).

CVEs Like This One

CVE-2026-39420 · Same product: Maxkb Maxkb
CVE-2025-53928 · Same product: Maxkb Maxkb
CVE-2026-39421 · Same product: Maxkb Maxkb
CVE-2026-39418 · Same product: Maxkb Maxkb
CVE-2026-33613 · Shared CWE-78
CVE-2025-55055 · Shared CWE-78
CVE-2026-25105 · Shared CWE-78
CVE-2026-24452 · Shared CWE-78
CVE-2026-1428 · Shared CWE-78
CVE-2025-44961 · Shared CWE-78

Affected Assets

maxkb
maxkb
≤ 1.9.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Remediating the command injection flaw in MaxKB's function library module by patching to v1.9.0 or later directly prevents privileged users from executing arbitrary OS commands via custom scripts.

prevent

Validating inputs to the function library module prevents OS command injection by ensuring custom script parameters do not contain malicious commands.

prevent

Enforcing least privilege limits the number of users with access to the vulnerable custom script functionality, reducing the attack surface for exploitation.

References