CVE-2024-10190 – Horovod versions up to v0.28.1 are vulnerable t... (How to Fix)

📋 TL;DR

Horovod versions up to v0.28.1 are vulnerable to unauthenticated remote code execution via malicious pickle objects in PUT requests. Attackers can execute arbitrary code on servers running vulnerable Horovod instances. This affects any system using Horovod for distributed deep learning training.

💻 Affected Systems

Products:

Horovod

Versions: All versions up to and including v0.28.1

Operating Systems: Linux, Windows, macOS

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in the ElasticRendezvousHandler component used for distributed training coordination. Any Horovod deployment using this handler is vulnerable.

📦 What is this software?

Horovod by Horovod

View all CVEs affecting Horovod →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of the Horovod server with attacker gaining full control over the system, potentially leading to data theft, ransomware deployment, or lateral movement within the network.

🟠

Likely Case

Attackers exploit vulnerable internet-facing Horovod instances to install cryptocurrency miners, establish persistent backdoors, or exfiltrate sensitive training data and models.

🟢

If Mitigated

With proper network segmentation and access controls, impact is limited to the isolated Horovod environment, preventing lateral movement to critical systems.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit requires sending a malicious pickle object via HTTP PUT request to the vulnerable endpoint. The vulnerability is straightforward to exploit with publicly available proof-of-concept code.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v0.29.0 and later

Vendor Advisory: https://github.com/horovod/horovod/security/advisories/GHSA-8q4r-m3rh-8qj2

Restart Required: Yes

Instructions:

1. Update Horovod to version 0.29.0 or later using pip: pip install --upgrade horovod==0.29.0
2. Restart all Horovod processes and services
3. Verify the update with: pip show horovod

🔧 Temporary Workarounds

Network Access Restriction

linux

Restrict network access to Horovod services to trusted IP addresses only

iptables -A INPUT -p tcp --dport 12345 -s trusted_ip_range -j ACCEPT
iptables -A INPUT -p tcp --dport 12345 -j DROP

Disable ElasticRendezvousHandler

all

Configure Horovod to use alternative coordination mechanisms if possible

export HOROVOD_ELASTIC=0

🧯 If You Can't Patch

Isolate Horovod instances in a dedicated network segment with strict egress filtering
Implement application-level authentication and authorization for Horovod endpoints

🔍 How to Verify

Check if Vulnerable:

Check Horovod version with: pip show horovod | grep Version
If version is 0.28.1 or earlier, the system is vulnerable.

Check Version:

pip show horovod | grep Version

Verify Fix Applied:

Verify Horovod version is 0.29.0 or later: pip show horovod | grep Version
Test with a benign pickle payload to ensure the vulnerability is patched.

📡 Detection & Monitoring

Log Indicators:

Unusual PUT requests to Horovod endpoints
Base64-encoded pickle objects in HTTP traffic
Suspicious process execution from Horovod services

Network Indicators:

HTTP PUT requests to Horovod ports (typically 12345) with base64 payloads
Outbound connections from Horovod servers to suspicious IPs

SIEM Query:

source="horovod.log" AND (method="PUT" AND uri="/put" AND size>1000)

📊 Metadata

CVE ID: CVE-2024-10190

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-502

EPSS Score: 1.41% exploit probability (80.2th percentile)

Published: March 20, 2025

Last Updated: December 11, 2025

🔗 References

https://huntr.com/bounties/3e398d1f-70c2-4e05-ae22-f5d66b19a754 Exploit,Issue Tracking,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-10190, you might also want to check these: