Cyber Resilience

CVE-2025-0508

Severity: Medium
Published: 20 March 2025
Modified: 15 April 2026
KEV Added: not listed
CVSS v3 score: 5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
EPSS score: 0.0014 (33.6th percentile)
Risk Priority: 12 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-0508 is a medium-severity Use of Weak Hash (CWE-328) vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk. Its CVSS base score is 5.9 (Medium); the vector (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N) rates the impact as integrity-only, with high attack complexity consistent with the need to craft colliding inputs.

Operationally, exploitation aligns with the MITRE ATT&CK technique Stored Data Manipulation (T1565.001). The vulnerability is ranked at the 33.6th percentile by EPSS exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related: it is categorised under Machine Learning Libraries, in the Data-Related Vulnerabilities risk domain.

Vulnerability details

A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This issue can cause integrity problems within the pipeline, potentially leading to erroneous processing outcomes. Because MD5 collisions, including chosen-prefix collisions, are practical to compute, a cache or deduplication key derived from MD5 alone cannot be relied on to distinguish two attacker-influenced configurations.

CWE(s)

CWE-328 Use of Weak Hash

AI Security Analysis

AI Category: Machine Learning Libraries
Risk Domain: Data-Related Vulnerabilities
OWASP Top 10 for LLMs 2025: none mapped
Classification Reason: matched keyword "sagemaker"

Related Threats

MITRE ATT&CK Enterprise Techniques

T1565.001 Stored Data Manipulation (Impact)
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
Why these techniques?

MD5 hash collisions in SageMaker Workflow enable adversaries to craft different configurations with identical hashes, causing stored workflow results to be incorrectly reused or replaced, facilitating stored data manipulation and integrity compromise.

Affected Assets

aws/sagemaker-python-sdk, SageMaker Workflow component (all versions, per the vulnerability description above).

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-328: use an appropriate hash function for cryptographic and integrity uses, preventing reliance on weak hashes such as MD5.

Addresses CWE-328: security updates supplant weak hashing algorithms with stronger alternatives before attackers can exploit the original weakness.
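The collision-keyed result reuse described under Vulnerability details and the hash-replacement control above, as an added Python example written for this page. It is not code from aws/sagemaker-python-sdk: the `ResultCache` class, the `weak_key`, `strong_key` and `run_step` functions, and the idea of keying a workflow-result cache on a hash of the serialized configuration are a simplified, assumed model. The two constructed inputs are the classic public MD5 collision pair, standing in for two different configurations an attacker can submit. Three variants are run: an MD5-keyed cache that trusts the key alone (the second configuration silently receives the first one's result), a SHA-256-keyed cache, and an MD5-keyed cache that also compares the stored configuration on a hit, which removes the dependence on the hash's collision resistance for correctness.

```python
"""Toy model of a workflow-result cache keyed by a hash of the configuration.

Added example for this page, not code from aws/sagemaker-python-sdk: the cache,
its key functions and the step runner are simplified assumptions.
"""
import hashlib
from typing import Callable, Dict, Tuple

# Constructed input: the classic public MD5 collision pair (two distinct
# 128-byte messages with identical MD5 digests). Here they stand in for two
# different serialized workflow configurations an attacker can submit.
BLOB_A = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab58712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e488832571415a085125e8f7cdc99fd91dbdf280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e2b487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080a80d1ec69821bcb6a8839396f9652b6ff72a70"
)
BLOB_B = bytes.fromhex(
    "d131dd02c5e6eec4693d9a0698aff95c2fcab50712467eab4004583eb8fb7f89"
    "55ad340609f4b30283e4888325f1415a085125e8f7cdc99fd91dbd7280373c5b"
    "d8823e3156348f5bae6dacd436c919c6dd53e23487da03fd02396306d248cda0"
    "e99f33420f577ee8ce54b67080280d1ec69821bcb6a8839396f965ab6ff72a70"
)


def weak_key(config_blob: bytes) -> str:
    """Vulnerable pattern: the cache key is the MD5 of the serialized config."""
    return hashlib.md5(config_blob).hexdigest()


def strong_key(config_blob: bytes) -> str:
    """Hardened pattern: collision-resistant SHA-256 with a domain-separation
    prefix, so keys for workflow configs cannot be confused with keys derived
    from other data by the same function."""
    return hashlib.sha256(b"workflow-config-v1\x00" + config_blob).hexdigest()


def run_step(config_blob: bytes) -> str:
    """Stand-in for executing a pipeline step: returns an artifact name that
    depends on the full configuration, so different configs give different results."""
    return "artifact-" + hashlib.sha256(config_blob).hexdigest()[:12]


class ResultCache:
    """Reuses a stored result when a submitted config maps to a known key."""

    def __init__(self, key_fn: Callable[[bytes], str], verify_source: bool):
        self._key_fn = key_fn
        self._verify_source = verify_source
        self._store: Dict[str, Tuple[bytes, str]] = {}  # key -> (config, result)

    def get_or_run(self, config_blob: bytes, run: Callable[[bytes], str]) -> Tuple[str, bool]:
        """Return (result, was_cache_hit)."""
        key = self._key_fn(config_blob)
        hit = self._store.get(key)
        if hit is not None:
            stored_blob, result = hit
            if not self._verify_source:
                # Trusts the key alone: a colliding config silently receives
                # the other config's result.
                return result, True
            if stored_blob == config_blob:
                return result, True
            # Same key, different config: a collision. Treat it as a miss. The
            # store below overwrites the earlier entry, so its owner recomputes
            # next time: results stay correct, but an attacker holding
            # collisions for a weak hash can keep evicting other entries.
        result = run(config_blob)
        self._store[key] = (config_blob, result)
        return result, False


def collision_outcome(key_fn: Callable[[bytes], str], verify_source: bool) -> Tuple[bool, bool]:
    """Submit BLOB_A then BLOB_B; report whether the second submission was
    served from cache and whether it received the first submission's result."""
    cache = ResultCache(key_fn, verify_source)
    result_a, _ = cache.get_or_run(BLOB_A, run_step)
    result_b, hit_b = cache.get_or_run(BLOB_B, run_step)
    return hit_b, result_a == result_b


if __name__ == "__main__":
    print("configs differ:", BLOB_A != BLOB_B)
    print("MD5 keys equal:", weak_key(BLOB_A) == weak_key(BLOB_B))
    print("SHA-256 keys equal:", strong_key(BLOB_A) == strong_key(BLOB_B))
    for name, key_fn, verify in [("md5, key only", weak_key, False),
                                 ("sha256, key only", strong_key, False),
                                 ("md5 + source check", weak_key, True)]:
        hit, reused = collision_outcome(key_fn, verify)
        print(f"{name}: second config served from cache={hit}, "
              f"got first config's result={reused}")
```

The source check alone is enough to stop the wrong result from being returned, which is the integrity failure the advisory describes, but only the collision-resistant key stops an attacker from evicting or replacing other entries under a shared key; a fixed deployment needs both the stronger hash and, where the cache holds attacker-influenced inputs, verification of the stored source on a hit.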
