Cyber Resilience

CVE-2025-57622

Critical RCE

Published: 03 March 2026

Modified: 12 March 2026
KEV Added
Patch
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0050 (38.7th percentile)
Risk Priority: 70 (floored blend · peak EPSS)

Summary

CVE-2025-57622 is a critical-severity Deserialization of Untrusted Data (CWE-502) vulnerability. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 38.7th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-57622 is a critical vulnerability (CVSS score 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting Step-Video-T2V, an open-source project from stepfun-ai. The flaw is unsafe deserialization of untrusted data (CWE-502): the /vae-api and /caption-api components pass the request body straight to pickle, as in feature = pickle.loads(request.get_data()). The CVE was published on 2026-03-03 and enables remote arbitrary code execution on affected instances running this software.

Any unauthenticated remote attacker with network access can exploit this vulnerability with low complexity and no user interaction required. Exploitation involves sending crafted requests to the vulnerable endpoints, triggering the deserialization of malicious pickle data and resulting in arbitrary code execution on the server. This yields high-impact consequences across confidentiality, integrity, and availability.

The vulnerability is detailed in the Step-Video-T2V GitHub repository, including the source code at https://github.com/stepfun-ai/Step-Video-T2V/blob/main/api/call_remote_server.py and issue tracker at https://github.com/stepfun-ai/Step-Video-T2V/issues/65. No specific patches, vendor advisories, or mitigation guidance are outlined in these references.

Vulnerability details

An issue in Step-Video-T2V allows a remote attacker to execute arbitrary code via the /vae-api, /caption-api, feature = pickle.loads(request.get_data()) component.

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability allows unauthenticated remote attackers to exploit a public-facing web API endpoint (/vae-api and /caption-api) via unsafe deserialization, enabling arbitrary code execution, which directly maps to T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-62368 (Shared CWE-502)
CVE-2025-68903 (Shared CWE-502)
CVE-2025-67911 (Shared CWE-502)
CVE-2025-54014 (Shared CWE-502)
CVE-2026-22505 (Shared CWE-502)
CVE-2025-53078 (Shared CWE-502)
CVE-2026-43633 (Shared CWE-502)
CVE-2025-60039 (Shared CWE-502)
CVE-2026-25429 (Shared CWE-502)
CVE-2025-7697 (Shared CWE-502)

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires validation and sanitization of all inputs, directly preventing malicious pickle deserialization payloads from being processed in the /vae-api and /caption-api endpoints.

prevent, recover

Mandates timely identification, reporting, and correction of flaws like unsafe pickle.loads on untrusted data, addressing the root cause of this RCE vulnerability.

prevent, detect

Enforces boundary protection mechanisms such as web application firewalls to inspect and block crafted requests targeting the vulnerable deserialization endpoints.
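
One way to apply the input-validation and flaw-remediation controls above at the code level, shown as an added example that is not code from Step-Video-T2V or this advisory: a restricted unpickler that replaces the bare pickle.loads(request.get_data()) call and refuses any pickle that references a class or function. The names safe_loads, handle_body and MAX_BODY are hypothetical, and the example assumes the endpoints only need plain data (dicts, lists, strings, bytes, numbers).

```python
import io
import pickle

MAX_BODY = 8 * 1024 * 1024  # assumed per-request size cap, not from the project


class NoGlobalsUnpickler(pickle.Unpickler):
    """Unpickler that refuses every class or function reference."""

    def find_class(self, module, name):
        # Called for every GLOBAL/STACK_GLOBAL opcode; plain containers,
        # strings, bytes and numbers never reach this method.
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def safe_loads(body: bytes):
    """Drop-in for pickle.loads(request.get_data()) on untrusted bodies."""
    if len(body) > MAX_BODY:
        raise ValueError("request body too large")
    return NoGlobalsUnpickler(io.BytesIO(body)).load()


def handle_body(body: bytes):
    """Hypothetical handler core: returns (HTTP status, value or reason)."""
    try:
        return 200, safe_loads(body)
    except Exception as exc:  # malformed pickles raise many exception types
        return 400, f"rejected: {exc}"


if __name__ == "__main__":
    # Constructed samples: one data-only body, one that references a global.
    plain = pickle.dumps({"prompt": "a cat", "steps": [1, 2, 3]})
    with_global = pickle.dumps(len)  # harmless builtin, still a global lookup
    print(handle_body(plain))
    print(handle_body(with_global))
    print(handle_body(b""))
```

If the payload has to carry objects such as tensors, this unpickler will reject them; moving the endpoint to a data-only wire format is safer than widening find_class with an allow-list.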
