CVE-2025-27778
Published: 19 March 2025
Summary
CVE-2025-27778 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Applio. Its CVSS base score is 8.9 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 10.7% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
Applio, an open-source voice conversion tool, contains an unsafe deserialization flaw in infer.py that affects all versions through 3.2.8-bugfix. The vulnerability, classified as CWE-502, permits an attacker to supply a malicious serialized object that is deserialized without validation, resulting in arbitrary code execution on the host.
Because the affected code paths are reachable over the network without authentication or user interaction, an unauthenticated remote attacker can exploit the issue to execute commands, install malware, or pivot within the target environment. The CVSS 4.0 score of 8.9 reflects the combination of network attack vector, low complexity, and full impact on confidentiality, integrity, and availability.
Public references show that the maintainers addressed the flaw in two commits on the main branch, yet no numbered release containing the fix has been published. Security teams must therefore obtain the patched code directly from the repository until an official release is tagged. The associated EPSS score has remained modest, reaching a peak of 0.0582 before receding to its current value of 0.0443.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-6790
Vulnerability details
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in `infer.py`. The issue can lead to remote code execution. As of time of publication, a fix is available on the `main` branch of the Applio repository but not attached to a numbered release.
- CWE(s): CWE-502 (Deserialization of Untrusted Data)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Exploit Public-Facing Application (T1190): the unsafe deserialization flaw lets a remote, unauthenticated attacker achieve code execution by sending malicious input to network-accessible components of the application, such as infer.py.
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly remediates the unsafe deserialization vulnerability in infer.py by applying the available fix from the Applio main branch.
- SI-10 (Information Input Validation): validates untrusted network inputs to infer.py, inference.py, and tts.py to block malicious deserialization payloads leading to RCE.
- SI-16 (Memory Protection): provides memory protections such as ASLR and DEP to hinder arbitrary code execution resulting from unsafe deserialization exploitation.
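Illustrative Python for the input-validation control above, added here and not taken from Applio or its fix: the page does not say which serializer infer.py uses, so this assumes Python's pickle module, the usual CWE-502 sink in Python ML tooling. It shows the CWE-502 pattern beside a loader whose find_class allowlist refuses every global the untrusted bytes try to name; the config values and payload are constructed.

```python
import io
import pickle
import platform
from collections import OrderedDict

# Allowlist of (module, name) pairs the loader may resolve. Plain containers
# (dict, list, str, int) never reach find_class; only classes and functions the
# pickle names explicitly do. This set is constructed for the example; a real
# loader lists exactly the types its model and config files contain.
SAFE_GLOBALS = {("collections", "OrderedDict")}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global not in SAFE_GLOBALS."""

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve {module}.{name}: not in allowlist")


def unsafe_load(data: bytes):
    """The CWE-502 sink: any global the bytes name is imported and returned."""
    return pickle.loads(data)


def safe_load(data: bytes):
    """Same bytes, but every global is gated by RestrictedUnpickler.find_class."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


# Constructed inputs. The "untrusted" one pickles a reference to a harmless
# function; the point is that the bytes, not the program, choose the name.
BENIGN_CONFIG = pickle.dumps(OrderedDict(sample_rate=48000, epochs=300))
UNTRUSTED_PAYLOAD = pickle.dumps(platform.python_version)


def demo():
    """Returns (benign config loaded, unsafe loader handed back an arbitrary
    callable, restricted loader refused the same bytes)."""
    cfg = safe_load(BENIGN_CONFIG)
    resolved = callable(unsafe_load(UNTRUSTED_PAYLOAD))
    try:
        safe_load(UNTRUSTED_PAYLOAD)
        refused = False
    except pickle.UnpicklingError:
        refused = True
    return cfg["sample_rate"] == 48000, resolved, refused
```

The same gating applies to any loader built on pickle, including model-weight loaders that wrap it; the allowlist must be kept as small as the legitimate files allow.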