CVE-2025-3163

5.3 MEDIUM

📋 TL;DR

This vulnerability in InternLM LMDeploy allows code injection through manipulation of the Open function in the project's documentation configuration file (docs/en/conf.py). An attacker who can alter or trigger that file can execute arbitrary code on the affected system, potentially compromising the entire deployment. Only LMDeploy versions up to and including 0.7.1 are affected.

💻 Affected Systems

Products:
  • InternLM LMDeploy
Versions: Up to and including 0.7.1
Operating Systems: All platforms running LMDeploy
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerable code lives in the documentation build configuration file (docs/en/conf.py), so exploitation requires the ability to modify that file or to trigger its execution (it runs when the documentation is built).

⚠️ Risk & Real-World Impact

🔴 Worst Case
Complete system compromise allowing an attacker to execute arbitrary code, steal sensitive data, install malware, or pivot to other systems.

🟠 Likely Case
Local privilege escalation or unauthorized code execution leading to data theft or system manipulation.

🟢 If Mitigated
Limited impact if proper access controls and sandboxing prevent code execution or restrict file system access.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access to the system and the ability to modify the conf.py file; public exploit details are available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.7.2 or later

Vendor Advisory: https://github.com/InternLM/lmdeploy/issues/3254

Restart Required: Yes

Instructions:

1. Check the current version with 'lmdeploy --version'.
2. Update to version 0.7.2 or later with 'pip install --upgrade lmdeploy'.
3. Restart any running LMDeploy services.

🔧 Temporary Workarounds

Restrict file permissions (linux)

Set strict permissions on lmdeploy/docs/en/conf.py so that unauthorized users cannot modify it. With the settings below only root can read the file, so any documentation build must then run as root.

chmod 600 /path/to/lmdeploy/docs/en/conf.py
chown root:root /path/to/lmdeploy/docs/en/conf.py

Disable vulnerable functionality (all platforms)

If documentation generation is not required, remove or rename the vulnerable conf.py file; the documentation build will then fail instead of executing the file.

mv /path/to/lmdeploy/docs/en/conf.py /path/to/lmdeploy/docs/en/conf.py.backup

🧯 If You Can't Patch

  • Implement strict access controls to prevent unauthorized users from modifying configuration files.
  • Monitor file integrity of conf.py and alert on any modifications.

🔍 How to Verify

Check if Vulnerable:

Run 'lmdeploy --version' or 'pip show lmdeploy' and check whether the reported version is 0.7.1 or earlier.

Check Version:

lmdeploy --version || pip show lmdeploy | grep Version

Verify Fix Applied:

Confirm that the reported version is 0.7.2 or later and that the installed conf.py matches the fixed release.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected modifications to conf.py file
  • Unusual process execution from Python documentation tools
  • Errors in documentation generation logs

Network Indicators:

  • None - this is a local file manipulation vulnerability

SIEM Query:

file_modification AND file_path:"*conf.py" AND process_name:"python*"

Scope the path to the LMDeploy checkout (for example *lmdeploy/docs/en/conf.py) where your SIEM allows it; a bare *conf.py matches the configuration file of every documentation project on the host and will be noisy.
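The version check from "How to Verify" and the conf.py integrity monitoring from the workarounds, combined in one added Python script that is not part of this advisory or of the LMDeploy project. It compares the installed version numerically against the 0.7.2 fix version (so 0.7.10 is not mistaken for a release older than 0.7.2) and flags docs/en/conf.py when it no longer matches a SHA-256 baseline you record after patching; the package metadata name 'lmdeploy' and the placeholder baseline hash are assumptions.

```python
"""Added example (not from the advisory or the LMDeploy project): gate on the
installed LMDeploy version and watch docs/en/conf.py for changes.
Assumes the package metadata name 'lmdeploy', the 0.7.2 fix version stated
above, and a baseline SHA-256 of conf.py that you record after patching."""
import hashlib
import re
from importlib import metadata
from pathlib import Path
from typing import Optional, Tuple

FIXED_VERSION = (0, 7, 2)  # first release the advisory lists as fixed

def parse_version(text: str) -> Tuple[int, ...]:
    """Numeric part of a version string as an int tuple. Accepts
    'lmdeploy --version' output ('0.7.1'), pip output ('Version: 0.7.10')
    and suffixed tags ('0.7.1.post1'). Tuples compare numerically, so
    0.7.10 is correctly newer than 0.7.2 (string comparison gets this wrong)."""
    match = re.search(r"\d+(?:\.\d+)*", text)
    if match is None:
        raise ValueError(f"no version number found in {text!r}")
    return tuple(int(part) for part in match.group(0).split("."))

def is_vulnerable(version_text: str) -> bool:
    """True for 0.7.1 and earlier, i.e. any release before the fix."""
    return parse_version(version_text) < FIXED_VERSION

def installed_lmdeploy_version() -> Optional[str]:
    """Installed version from package metadata, or None if not installed."""
    try:
        return metadata.version("lmdeploy")
    except metadata.PackageNotFoundError:
        return None

def sha256_of(path: Path) -> str:
    """SHA-256 hex digest of a file; record this for conf.py after patching."""
    return hashlib.sha256(path.read_bytes()).hexdigest()

def conf_py_modified(conf_py: Path, baseline_sha256: str) -> bool:
    """Integrity check from the workarounds: True when conf.py no longer
    matches the recorded baseline, which is the condition to alert on."""
    return sha256_of(conf_py) != baseline_sha256.lower()

if __name__ == "__main__":
    version = installed_lmdeploy_version()
    state = ("not installed" if version is None
             else "VULNERABLE (<= 0.7.1)" if is_vulnerable(version) else "patched")
    print(f"lmdeploy {version}: {state}")
    # Integrity check, with a placeholder you replace by your own baseline hash:
    # conf_py_modified(Path("/path/to/lmdeploy/docs/en/conf.py"), "<BASELINE_SHA256>")
```

Run the script on a schedule or from your file-integrity tooling; a True result from conf_py_modified is the event to alert on, and the version line tells you whether the host is still in the affected range.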
