CVE-2025-2129 Scanner

Mage AI is a platform used for artificial intelligence solutions and machine learning pipelines. It is utilized by data scientists and machine learning engineers for building and deploying AI applications. The platform allows easy integration with various data sources and provides tools to automate AI model creation. Mage AI is widely adopted in industries requiring machine learning automation, offering flexibility in AI model management and deployment. The product provides advanced features like kernel management and scalable data processing, designed to simplify AI workflows. However, a security vulnerability has been found in version 0.9.75.

The vulnerability discovered in Mage AI 0.9.75 involves insecure default authentication settings. This flaw may allow unauthorized access to resources due to improper configuration. The vulnerability is triggered by insecure default initialization of authentication settings. The issue is remote in nature, and the exploitation complexity is high. However, Mage AI has confirmed it will not address the vulnerability. It was disclosed publicly and might be used for attacks despite its exploitability being considered difficult.

The flaw is related to the default authentication setup within Mage AI. The vulnerable endpoint is found within the "/api/kernels" path of the application. When accessed without proper authentication, the system defaults to insecure configurations, allowing unauthorized access to the kernel API. Attackers can exploit this flaw to potentially gain access to critical resources remotely. The vulnerability exists due to improper initialization during the software's setup process. Mage AI has decided not to address the issue, leaving users at risk of exploitation.

If exploited, this vulnerability could lead to unauthorized access and manipulation of the Mage AI platform. Attackers may use it to perform remote actions without proper authentication, potentially leading to data breaches or system misconfigurations. The flaw could be used to interfere with machine learning models or kernels, affecting the AI workflows. In a worst-case scenario, attackers could gain control of system settings, causing significant disruption. Although exploitation is considered difficult, the public disclosure of the vulnerability increases the risk. Users of Mage AI are advised to be cautious and monitor for potential misuse of this flaw.

REFERENCES

• https://nvd.nist.gov/vuln/detail/CVE-2025-2129
• https://github.com/zn9988/publications/blob/main/2.Mage-AI%20-%20Insecure%20Default%20Authentication%20Setup%20Leading%20to%20Zero-Click%20RCE/README.md
• https://vuldb.com/?ctiid.299049
• https://vuldb.com/?id.299049
• https://vuldb.com/?submit.510690