CVE-2025-58755
Published: 09 September 2025
Summary
CVE-2025-58755 is a high-severity Path Traversal (CWE-22) vulnerability in MONAI (Medical Open Network for AI). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Compromise Host Software Binary (T1554). The vulnerability ranks at the 31.6th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
This vulnerability is AI-related: it is categorised as Computer Vision and falls in the Supply Chain and Deployment risk domain.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Directly requires validation of file paths in ZIP inputs to prevent path traversal exploitation during extraction that overwrites system files.
- Mandates timely identification, reporting, and remediation of flaws like the unsafe zip_file.extractall function in MONAI versions up to 1.5.0.
- Enforces integrity verification of software and files to identify unauthorized overwrites resulting from malicious ZIP decompression.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The ZIP extraction vulnerability enables path traversal leading to arbitrary overwrite of system files, facilitating compromise of host software binaries (T1554), disabling or modifying security tools via file overwrite (T1562.001), and stored data manipulation (T1565.001).
NVD Description
MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. The extractall function `zip_file.extractall(output_dir)` is used directly to process compressed files. It is used in many places in the project. In versions up to and including 1.5.0, when a ZIP file containing malicious content is decompressed, it overwrites system files. In addition, the project allows the download of ZIP content through a link, which increases the scope of exploitation of this vulnerability. As of time of publication, no known fixed versions are available.
Deeper analysis
CVE-2025-58755 is a path traversal vulnerability (CWE-22) in MONAI, an open-source AI toolkit for healthcare imaging. In versions up to and including 1.5.0, the project directly invokes the `zip_file.extractall(output_dir)` function without path sanitization in multiple locations to process compressed files. This allows malicious ZIP archives to overwrite arbitrary system files during decompression. The CVSS v3.1 base score is 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting high severity due to network accessibility and significant impacts.
An attacker with low privileges, such as an authenticated user, can exploit this over the network by providing a specially crafted ZIP file containing paths that traverse to system directories. The project's support for downloading ZIP content via links further broadens the attack surface, enabling remote supply of malicious files. Successful exploitation overwrites critical system files, potentially granting full control over the affected system with high confidentiality, integrity, and availability impacts.
The primary advisory is available at https://github.com/Project-MONAI/MONAI/security/advisories/GHSA-x6ww-pf9m-m73m. As of the CVE publication on 2025-09-09, no fixed versions are available, so mitigation requires avoiding processing untrusted ZIP files with MONAI's extractall functionality until patches are released.
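The SI-10 control above calls for validating each archive member path before extraction. The following is an added example (not MONAI's code, and not the fix the project will ship): a wrapper that resolves every member name against the intended output directory and refuses the whole archive if any entry would land outside it. The sample archives are constructed in memory for the demonstration; the "../../outside.txt" entry stands in for the kind of traversal entry the advisory describes.

```python
import io
import os
import tempfile
import zipfile
from typing import List, Tuple


def unsafe_members(zf: zipfile.ZipFile, output_dir: str) -> List[str]:
    """Return member names that would resolve outside output_dir.

    Absolute paths, '..' segments and (on Windows) drive letters are all
    caught by resolving the joined path and checking it stays under root."""
    root = os.path.realpath(output_dir)
    bad = []
    for info in zf.infolist():
        target = os.path.realpath(os.path.join(root, info.filename))
        try:
            inside = os.path.commonpath([root, target]) == root
        except ValueError:  # different drives: cannot be inside root
            inside = False
        if not inside:
            bad.append(info.filename)
    return bad


def check_archive(zip_bytes: bytes, output_dir: str) -> List[str]:
    """Inspect an archive without extracting anything."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return unsafe_members(zf, output_dir)


def safe_extractall(zip_bytes: bytes, output_dir: str) -> List[str]:
    """Validate first, extract only if every member is inside output_dir."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        bad = unsafe_members(zf, output_dir)
        if bad:
            raise ValueError(f"refusing archive, entries escape {output_dir}: {bad}")
        zf.extractall(output_dir)
        return sorted(i.filename for i in zf.infolist())


def extract_to_tempdir(zip_bytes: bytes) -> Tuple[bool, List[str]]:
    """Helper for the demo: (accepted, extracted names) into a fresh temp dir."""
    out = tempfile.mkdtemp(prefix="monai_bundle_")
    try:
        return True, safe_extractall(zip_bytes, out)
    except ValueError:
        return False, []


def build_archive(entries: List[Tuple[str, bytes]]) -> bytes:
    """Constructed sample archive (not real MONAI bundle data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, payload in entries:
            zf.writestr(name, payload)
    return buf.getvalue()
```

The same `unsafe_members` check can be run on a downloaded bundle before it is handed to any `extractall` call, which is the input-validation step the advisory's affected code paths lack.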
Details
- CWE(s): CWE-22 (Path Traversal)
- Affected Products: MONAI (Medical Open Network for AI), versions up to and including 1.5.0
AI Security Analysis
- AI Category: Computer Vision
- Risk Domain: Supply Chain and Deployment
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: MONAI is an AI toolkit specialized for healthcare imaging, which relies on computer vision techniques for processing and analyzing medical images.