Horizon Alert
Summary of the vulnerability and why it matters
This advisory concerns a critical vulnerability in Feast, a technology used for managing machine learning features. The issue allows unauthenticated attackers to execute arbitrary operating system commands on the registry server. This could potentially lead to a compromise of the system where Feast is deployed.
- Unauthenticated attackers can run commands on the server.
- Critical vulnerability affects feature management systems.
- Assess potential exposure and impact to your ML operations.
Attack Path
How an attacker could exploit the issue
An attacker can remotely execute code on a Feast registry server by sending a specially crafted gRPC request. This request targets the `user_defined_function.body` field, which is deserialized without proper authorization checks. By embedding a malicious Python object, an attacker can trick the server into running arbitrary operating system commands.
- Unauthenticated network access required.
- Crafted gRPC request triggers deserialization.
- Remote code execution as the service account.
Live Threat
Current exploitation, exposure, and threat context
This vulnerability could allow unauthenticated attackers to execute arbitrary operating system commands on the Feast registry server. This is possible when the `user_defined_function.body` field in an `OnDemandFeatureView` spec is processed, as it is deserialized using `dill.loads()` without prior authorization checks, enabling the injection of malicious Python objects.
- Feast service account commands.
- Unauthenticated gRPC request with crafted payload.
- Remote code execution on the server.
Operational Fix
Recommended remediation, mitigation, and detection steps
This critical vulnerability in Feast's registry server's gRPC API could allow unauthenticated attackers to achieve remote code execution. The first practical step is for application owners and platform teams to identify all instances of the affected Feast version, confirm their network exposure and business criticality, and then work with security teams to prioritize remediation, potentially involving vendor coordination or temporary risk reduction measures if immediate patching isn't feasible.
- Application owners should own the issue.
- Verify network reachability and criticality.
- Plan risk-based remediation.