CVE-2025-2129
Published: 09 March 2025
Summary
CVE-2025-2129 is a medium-severity Initialization of a Resource with an Insecure Default (CWE-1188) vulnerability. Its CVSS base score is 5.6 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 8.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as Other Platforms; in the Other ATLAS/OWASP Terms risk domain.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
SI-2 directly mandates timely remediation of known flaws like CVE-2025-2129's insecure default resource initialization through patches, upgrades, configuration changes, or removal despite vendor non-response.
RA-5 requires vulnerability scanning and monitoring that would identify the presence of CVE-2025-2129 in Mage AI 0.9.75 deployments.
SI-5 ensures the organization receives and acts on security advisories for disclosed vulnerabilities like CVE-2025-2129, even if doubted by the vendor.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability allows remote exploitation of Mage AI, a public-facing web application/server software component, due to insecure default initialization of a resource.
NVD Description
A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an…
more
attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. After 7 months of repeated follow-ups by the researcher, Mage AI has decided to not accept this issue as a valid security vulnerability and has confirmed that they will not be addressing it.
Deeper analysisAI
CVE-2025-2129 is a problematic vulnerability in Mage AI version 0.9.75, stemming from insecure default initialization of a resource (CWE-1188). It affects an unknown part of the software and was published on 2025-03-09.
Remote attackers with no privileges required can initiate exploitation over the network, though it demands high attack complexity and is considered difficult to exploit. Successful attacks result in low impacts to confidentiality, integrity, and availability, per the CVSS 3.1 base score of 5.6 (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
Advisories note that the exploit has been publicly disclosed and may be usable, with references including a GitHub publication detailing the issue and VulDB entries. However, the vulnerability's real existence remains doubted, and after 7 months of researcher follow-ups, Mage AI has rejected it as a valid security issue and confirmed they will not address it. No patches or mitigations are planned.
Details
- CWE(s)
AI Security AnalysisAI
- AI Category
- Other Platforms
- Risk Domain
- Other ATLAS/OWASP Terms
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Mage AI is an open-source platform for building data pipelines specifically designed for AI and ML workflows, fitting under 'Other Platforms' as it is not a framework, library, or specialized in NLP/CV/etc., but a broader AI data engineering platform.