CVE-2025-0189
Published: 20 March 2025
Summary
CVE-2025-0189 is a high-severity Allocation of Resources Without Limits or Throttling (CWE-770) vulnerability in Aimstack Aim. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks in the top 31.0% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
This vulnerability is AI-related: it is categorised as Other Platforms, in the Other ATLAS/OWASP Terms risk domain.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SC-6 (Resource Availability).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Directly implements denial-of-service protections to block resource exhaustion from oversized WebSocket messages in the tracking server.
- Protects system resource availability by enforcing allocation controls that prevent depletion during processing of large images.
- Validates WebSocket message inputs to reject oversized images before the server attempts to process them.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables denial of service by exploiting the tracking server's lack of WebSocket message size limits, causing unresponsiveness during large image processing, which maps directly to T1499.004 (Application or System Exploitation).
NVD Description
In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. The server overrides the maximum size for websocket messages, allowing very large images to be tracked. This causes the server to become unresponsive to other requests while processing the large image, leading to a denial of service condition.
Deeper analysis
CVE-2025-0189 is a denial-of-service vulnerability in version 3.25.0 of aimhubio/aim, specifically affecting the tracking server component. The issue stems from the server overriding the maximum size limit for WebSocket messages, which allows clients to send very large images for tracking. Processing these oversized images causes the server to become unresponsive to other requests, leading to a denial-of-service condition. The vulnerability has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is associated with CWE-770.
Any unauthenticated attacker with network access to the tracking server can exploit this vulnerability by transmitting a very large image via WebSocket. The server will attempt to process the oversized payload, consuming resources and rendering it unresponsive to legitimate requests, thereby disrupting service availability for all users.
Mitigation details and additional information are available in the advisory published on Huntr at https://huntr.com/bounties/e4c9bf41-72cf-4d04-baaf-8f12b5b7926e.
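The message-size check that the mitigating controls above describe, as an added Python example that is not code from the Aim project: it reads the declared payload length from the RFC 6455 frame header and refuses a frame, or a fragmented message whose running total would exceed the cap, with close code 1009 before any payload is buffered. The 16 MiB cap, the function names and the sample frame headers are assumptions constructed for this example.

```python
import struct

CLOSE_MESSAGE_TOO_BIG = 1009  # RFC 6455 section 7.4.1 close status code
DEFAULT_MAX_MESSAGE_BYTES = 16 * 1024 * 1024  # assumed cap, not a value from Aim


def parse_frame_header(header: bytes):
    """Return (fin, opcode, payload_len, header_len) from a WebSocket frame
    header (RFC 6455 section 5.2). Only the header is inspected, so the size
    decision is made before any payload bytes are read into memory."""
    if len(header) < 2:
        raise ValueError("header too short")
    fin, opcode = bool(header[0] & 0x80), header[0] & 0x0F
    masked, length = bool(header[1] & 0x80), header[1] & 0x7F
    offset = 2
    if length == 126:  # 16-bit extended payload length
        (length,), offset = struct.unpack("!H", header[2:4]), 4
    elif length == 127:  # 64-bit extended payload length
        (length,), offset = struct.unpack("!Q", header[2:10]), 10
    return fin, opcode, length, offset + (4 if masked else 0)  # masking key


def build_header(fin, opcode, length, masked=False):
    """Construct sample frame headers for the checks below (test helper)."""
    first, mbit = (0x80 if fin else 0) | opcode, 0x80 if masked else 0
    if length < 126:
        out = bytes([first, mbit | length])
    elif length < 1 << 16:
        out = bytes([first, mbit | 126]) + struct.pack("!H", length)
    else:
        out = bytes([first, mbit | 127]) + struct.pack("!Q", length)
    return out + (b"\x00" * 4 if masked else b"")


class BoundedMessageAssembler:
    """Tracks bytes across fragmented frames and refuses any message whose
    total would exceed the cap, instead of buffering it and then processing."""

    def __init__(self, max_bytes=DEFAULT_MAX_MESSAGE_BYTES):
        self.max_bytes, self.buffered = max_bytes, 0

    def accept(self, header: bytes):
        """Return (True, None) if the frame may be read, else (False, 1009)."""
        fin, _opcode, length, _ = parse_frame_header(header)
        if self.buffered + length > self.max_bytes:
            self.buffered = 0  # drop the partial message, caller closes with 1009
            return False, CLOSE_MESSAGE_TOO_BIG
        self.buffered = 0 if fin else self.buffered + length
        return True, None
```

In a real deployment the same bound should be set through the WebSocket library's own per-message size limit rather than a hand-written parser; the point is that the cap is enforced from the declared length, before the image is held in memory.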
AI Security Analysis
- AI Category: Other Platforms
- Risk Domain: Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Aim (aimhubio/aim) is an open-source experiment tracking platform for AI/ML workflows, used to log metrics, images, and artifacts during ML experiments, fitting under Other Platforms.