CVE-2024-56137
Published: 02 January 2025
Summary
CVE-2024-56137 is a medium-severity OS Command Injection (CWE-78) vulnerability in MaxKB. Its CVSS base score is 6.8 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210); ranked in the top 10.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related: it is categorised as Enterprise AI Assistants and falls in the Other ATLAS/OWASP Terms risk domain.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Remediating the command injection flaw in MaxKB's function library module by patching to v1.9.0 or later directly prevents privileged users from executing arbitrary OS commands via custom scripts.
Validating inputs to the function library module prevents OS command injection by ensuring custom script parameters do not contain malicious commands.
Enforcing least privilege limits the number of users with access to the vulnerable custom script functionality, reducing the attack surface for exploitation.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The RCE vulnerability enables privileged users to remotely execute arbitrary OS commands via custom scripts in the function library module, facilitating T1210 (Exploitation of Remote Services) and T1059 (Command and Scripting Interpreter).
NVD Description
MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the module of function library. The vulnerability allows privileged users to execute OS commands in custom scripts. The vulnerability has been fixed in v1.9.0.
Deeper analysis
CVE-2024-56137 is a remote command execution vulnerability (CWE-78: OS Command Injection) affecting MaxKB, an open-source knowledge base question-answering system built on large language models and retrieval-augmented generation (RAG). The issue resides in the function library module and impacts versions prior to 1.9.0, where privileged users can inject and execute arbitrary operating system commands through custom scripts. It carries a CVSS v3.1 base score of 6.8 (AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H), indicating medium severity due to requirements for high privileges and user interaction.
Exploitation requires an attacker to possess privileged access to the MaxKB instance, after which they must trick a user into performing an action that triggers the vulnerable custom script functionality. Successful exploitation enables remote execution of OS commands on the host system, potentially granting high-impact confidentiality, integrity, and availability compromises, such as data exfiltration, system modification, or denial of service.
The vulnerability has been fully addressed in MaxKB version 1.9.0, as detailed in the GitHub security advisory (GHSA-76w2-2g72-cg85). Security practitioners should prioritize upgrading to v1.9.0 or later and review access controls for privileged users in RAG-based LLM deployments to prevent script-based command injection.
Details
- CWE(s)
- CWE-78 (OS Command Injection)
Affected Products
- MaxKB versions prior to 1.9.0
AI Security Analysis
- AI Category
- Enterprise AI Assistants
- Risk Domain
- Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- MaxKB is an open-source knowledge base question-answering system explicitly based on large language models (LLM) and retrieval-augmented generation (RAG), fitting the Enterprise AI Assistants category as it provides AI-driven Q&A capabilities typically used in enterprise settings.