CVE-2024-0654 MEDIUM

CVE-2024-0654: DeepFaceLab Util.py deserialization

Vendor N/A
Product DeepFaceLab
Weakness CWE-502 · Unsafe deserialization
Published January 18, 2024
Last update June 2, 2025

CVSS base score

5.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability, which was classified as problematic, was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. Affected is an unknown function of the file mainscripts/Util.py. The manipulation leads to deserialization. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-251382 is the identifier assigned to this vulnerability.

Key dates

02Disclosure timeline

January 18, 2024 CVE published
June 2, 2025 Record updated