AI Threat Alert
ATLAS Landscape
AML.T0016.001
Software Tools
Adversaries may search for and obtain software tools to support their operations. Software designed for legitimate use may be repurposed by an adversary for malicious intent. An adversary may modify or customize software tools to achieve their purpose. Software tools used to support attacks on AI systems are not necessarily AI-based themselves.
4 CVEs mapped
View on MITRE ATLAS →
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2021-41214 | TensorFlow: null deref in ragged ops, local RCE | tensorflow | 7.8 |
| HIGH | CVE-2021-29536 | TensorFlow: heap overflow in QuantizedReshape op | tensorflow | 7.8 |
| HIGH | CVE-2021-29558 | TensorFlow: heap buffer overflow in SparseSplit op | tensorflow | 7.8 |
| HIGH | CVE-2020-26267 | TensorFlow: OOB read in DataFormatVecPermute op | tensorflow | 7.8 |