Cyber Resilience

CVE-2025-2129

Medium

Published: 09 March 2025

Published
09 March 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0665 91.4th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-2129 is a medium-severity Initialization of a Resource with an Insecure Default (CWE-1188) vulnerability. Its CVSS base score is 6.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 8.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Other Platforms; in the Supply Chain and Deployment risk domain.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-2129 is a problematic vulnerability in Mage AI version 0.9.75, stemming from insecure default initialization of a resource (CWE-1188). It affects an unknown part of the software and was published on 2025-03-09.

Remote attackers with no privileges required can initiate exploitation over the network, though it demands high attack complexity and is considered difficult to exploit. Successful attacks result in low impacts to confidentiality, integrity, and availability, per the CVSS 3.1 base score of 5.6 (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).

Advisories note that the exploit has been publicly disclosed and may be usable, with references including a GitHub publication detailing the issue and VulDB entries. However, the vulnerability's real existence remains doubted, and after 7 months of researcher follow-ups, Mage AI has rejected it as a valid security issue and confirmed they will not address it. No patches or mitigations are planned.

EU & UK References

Vulnerability details

A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an…

more

attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. After 7 months of repeated follow-ups by the researcher, Mage AI has decided to not accept this issue as a valid security vulnerability and has confirmed that they will not be addressing it.

CWE(s)

AI Security AnalysisAI

AI Category
Other Platforms
Risk Domain
Supply Chain and Deployment
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: ai

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability allows remote exploitation of Mage AI, a public-facing web application/server software component, due to insecure default initialization of a resource.

CVEs Like This One

CVE-2026-32965Shared CWE-1188
CVE-2025-69970Shared CWE-1188
CVE-2026-33376Shared CWE-1188
CVE-2026-27662Shared CWE-1188
CVE-2026-31957Shared CWE-1188
CVE-2026-30805Shared CWE-1188
CVE-2026-43581Shared CWE-1188
CVE-2026-35672Shared CWE-1188
CVE-2025-56332Shared CWE-1188
CVE-2018-25193Shared CWE-1188

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

preventrecover

SI-2 directly mandates timely remediation of known flaws like CVE-2025-2129's insecure default resource initialization through patches, upgrades, configuration changes, or removal despite vendor non-response.

detect

RA-5 requires vulnerability scanning and monitoring that would identify the presence of CVE-2025-2129 in Mage AI 0.9.75 deployments.

preventdetect

SI-5 ensures the organization receives and acts on security advisories for disclosed vulnerabilities like CVE-2025-2129, even if doubted by the vendor.

References