Cyber Resilience

CVE-2025-27778

Severity: High · Impact: RCE

Published: 19 March 2025
Modified: 01 August 2025
KEV Added: not listed
Patch: fix available on the main branch (no numbered release)
CVSS Score (v4): 8.9
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0443 (89.3rd percentile)
Risk Priority: 20 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-27778 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Applio (vendor: Applio). Its CVSS v4 base score is 8.9 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 10.7% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

Applio, an open-source voice conversion tool, contains an unsafe deserialization flaw in infer.py that affects all versions through 3.2.8-bugfix. The weakness, classified as CWE-502, permits an attacker to supply a malicious serialized object that is deserialized without validation, resulting in arbitrary code execution on the host.

Because the affected code paths are reachable over the network without authentication or user interaction, an unauthenticated remote attacker can exploit the issue to execute commands, install malware, or pivot within the target environment. The CVSS 4.0 score of 8.9 reflects the combination of network attack vector, low complexity, and full impact on confidentiality, integrity, and availability.

Public references show that the maintainers addressed the flaw in two commits on the main branch, yet no numbered release containing the fix has been published. Security teams must therefore obtain the patched code directly from the repository until an official release is tagged. The associated EPSS score has remained modest, reaching a peak of 0.0582 before receding to its current value of 0.0443.
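The control that matters here is validation of the serialized input before anything is reconstructed from it. The following is an added example, not code from the Applio project, showing the pattern for Python's pickle module: an unpickler that refuses every global reference outside an explicit allowlist, wrapped in a validation function that also checks the shape of the decoded object. The page says only that infer.py deserializes untrusted data; that the format is pickle, the allowlist contents and the sample payloads are all assumptions made for this illustration.

```python
"""Added example (not Applio project code): allowlist-based validation of an
untrusted pickle stream, in the spirit of NIST SI-10 input validation.
Assumption: the deserialization format is Python pickle."""
import io
import pickle
import collections

# Constructed allowlist of (module, name) pairs the service may reconstruct.
# Plain containers and scalars are emitted as opcodes and never consult this
# list; it exists so that any extension is explicit and reviewable.
ALLOWED_GLOBALS = {
    ("builtins", "dict"),
    ("builtins", "list"),
    ("builtins", "str"),
    ("builtins", "int"),
    ("builtins", "float"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Every callable a pickle stream can reach goes through find_class, so
    rejecting unknown (module, name) pairs here closes the code-execution path."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"forbidden global {module}.{name}")


def safe_loads(data: bytes):
    """Deserialize with the restricted unpickler; raises on forbidden globals."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def validate_payload(data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason). Rejects forbidden globals, malformed streams
    and any top-level object that is not the dict the endpoint expects."""
    try:
        obj = safe_loads(data)
    except pickle.UnpicklingError as exc:
        return False, str(exc)
    except Exception as exc:  # truncated or otherwise malformed stream
        return False, f"malformed: {exc}"
    if not isinstance(obj, dict):
        return False, "top-level object must be a dict"
    return True, "ok"


# Constructed sample inputs (hypothetical request fields, not Applio's schema).
BENIGN_PAYLOAD = pickle.dumps({"pitch": 0, "f0_method": "rmvpe"})
# A stream that references a class outside the allowlist: harmless here, but
# it exercises the same opcode path a malicious stream would rely on.
FORBIDDEN_GLOBAL_PAYLOAD = pickle.dumps(collections.OrderedDict)
WRONG_TYPE_PAYLOAD = pickle.dumps([1, 2, 3])
GARBAGE_PAYLOAD = b"not a pickle stream"

if __name__ == "__main__":
    for label, payload in [
        ("benign", BENIGN_PAYLOAD),
        ("forbidden global", FORBIDDEN_GLOBAL_PAYLOAD),
        ("wrong type", WRONG_TYPE_PAYLOAD),
        ("garbage", GARBAGE_PAYLOAD),
    ]:
        print(f"{label:17s} -> {validate_payload(payload)}")
```

The allowlist is deliberately tiny: anything an inference endpoint genuinely needs beyond plain containers is added one entry at a time, with review. Where the serialized data is a model checkpoint, the stronger remediation is to stop accepting pickle from the network at all and use a data-only format, with this kind of restricted loader kept as defense in depth.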

EU & UK References

Vulnerability details

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in `infer.py`. The issue can lead to remote code execution. As of time of publication, a fix is available on the `main` branch of the Applio repository but not attached to a numbered release.

CWE(s)

CWE-502 Deserialization of Untrusted Data

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The unsafe deserialization flaw allows remote, unauthenticated RCE through malicious input to network-accessible components of the application (infer.py and related entry points).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-27780 (same product: Applio)
CVE-2025-27779 (same product: Applio)
CVE-2025-27781 (same product: Applio)
CVE-2025-27786 (same product: Applio)
CVE-2025-27777 (same product: Applio)
CVE-2025-27782 (same product: Applio)
CVE-2025-27785 (same product: Applio)
CVE-2025-27787 (same product: Applio)
CVE-2025-27783 (same product: Applio)
CVE-2025-27784 (same product: Applio)

Affected Assets

Vendor: applio · Product: applio · Versions: ≤ 3.2.8-bugfix

Mitigating Controls (NIST 800-53 r5) · AI

prevent · SI-2 (Flaw Remediation): Directly remediates the unsafe deserialization vulnerability in infer.py by applying the available fix from the Applio main branch.

prevent · SI-10 (Information Input Validation): Validates untrusted network inputs to infer.py, inference.py, and tts.py to block malicious deserialization payloads that lead to RCE.

prevent: Provides memory protections such as ASLR and DEP to hinder arbitrary code execution resulting from exploitation of the unsafe deserialization.

References