Critical RCE vulnerability in LeRobot threatens AI and robot systems

Published 2026-05-01 on antoanthongtinhaiphong.gov.vn (https://antoanthongtinhaiphong.gov.vn/lo-hong-rce-nghiem-trong-trong-lerobot-de-doa-he-thong-ai-va-robot/)

Security researchers have disclosed a critical vulnerability in LeRobot, the open-source robotics platform developed by Hugging Face. The flaw allows unauthenticated remote code execution and directly affects AI inference servers and the robots connected to them.

The vulnerability, tracked as CVE-2026-25874 with a CVSS score of 9.3, stems from how LeRobot handles data in its asynchronous inference pipeline. The system calls pickle.loads() to deserialize data received over gRPC channels that are neither authenticated nor protected by TLS. Data arriving from outside the network is therefore fed straight into deserialization, and because pickle can execute arbitrary Python while loading, a crafted message is enough for code injection and execution.

An attacker can send a crafted pickle payload through calls such as SendPolicyInstructions, SendObservations or GetActions. When the PolicyServer or the robot client receives and deserializes the data, the embedded code runs directly on the target system.

According to the security firm Resecurity, CVE-2026-25874 is concentrated in the PolicyServer, the component that performs the system's AI inference. If that service port is reachable from outside, an attacker can send malicious data and run operating-system commands directly on the server.

The risk is rated high because AI systems typically run with broad privileges and access to many critical resources. A successful exploit lets the attacker take over the server and steal API keys, SSH credentials and AI model files. With that foothold, the server can be used as a pivot to reach other systems on the internal network. Where physical robots are involved, a compromised controller can also directly endanger operational safety.

Researcher Valentin Lobstein of VulnCheck confirmed that the CVE is exploitable on version 0.4.3. CVE-2026-25874 is not yet patched; a fix is expected in version 0.6.0. The issue had already been reported in late 2025 by another researcher. The development team acknowledged that the code involved is experimental and needs to be almost entirely rewritten.

The finding once again illustrates the risk of the pickle format: merely processing crafted data can lead to unintended code execution. Notably, Hugging Face itself created Safetensors as a safer alternative to pickle, yet LeRobot still uses the old mechanism here. In addition, the warnings raised by the static code-analysis tool were silenced with a "# nosec" comment instead of being addressed or the risk removed.

To reduce exposure, administrators should not expose the gRPC port to the internet, should allow access only through a firewall or VPN, and should monitor the host for unusual processes and behaviour.

Source: The Hacker News
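The article describes the root cause as pickle.loads() applied to bytes that arrive over an unauthenticated gRPC channel. The following is an added example, not code from LeRobot, Hugging Face or any of the researchers named above: it builds a constructed malicious pickle of the kind the article describes (the payload runs a harmless Python subprocess that prints "pwned" instead of an attacker's command), shows that a plain pickle.loads() executes it, and shows two server-side checks that refuse it while still accepting a constructed benign observation made of dicts, lists, bytes and numbers. The gRPC transport and the real RPC names (SendPolicyInstructions, SendObservations, GetActions) are left out; each function takes the raw message bytes an RPC handler would receive, which is an assumption about where such a check would sit.

```python
"""
Added example (not LeRobot's code): why pickle.loads() on untrusted bytes is
remote code execution, and two checks that refuse such input.
"""
import io
import pickle
import pickletools
import subprocess
import sys


class MaliciousObservation:
    """Constructed attacker object. pickle stores the callable and arguments
    that __reduce__ returns; pickle.loads() calls the callable (REDUCE opcode)
    before any application code ever sees the "observation". A real payload
    would name os.system or similar; this one only spawns a Python child that
    prints "pwned" so the example is safe to run."""

    def __reduce__(self):
        return (subprocess.check_output, ([sys.executable, "-c", "print('pwned')"],))


def build_malicious_payload():
    return pickle.dumps(MaliciousObservation(), protocol=pickle.HIGHEST_PROTOCOL)


def build_benign_payload():
    """Constructed sample observation: plain containers and scalars only."""
    obs = {"joint_positions": [0.1, 0.2, 0.3], "frame": b"\x00\x01\x02", "t": 12.5}
    return pickle.dumps(obs, protocol=pickle.HIGHEST_PROTOCOL)


def vulnerable_receive(raw):
    """The pattern the advisory describes: untrusted bytes straight into loads().
    Returns whatever the payload's callable returned (here the child's stdout)."""
    return pickle.loads(raw)


# Check 1: static opcode scan before any deserialisation.
# These opcodes can resolve an import or invoke a callable during load.
DANGEROUS_OPCODES = frozenset({
    "GLOBAL", "STACK_GLOBAL", "REDUCE", "BUILD", "INST", "OBJ",
    "NEWOBJ", "NEWOBJ_EX", "EXT1", "EXT2", "EXT4",
})


def dangerous_opcodes(raw):
    """Sorted names of dangerous opcodes in the stream. pickletools.genops only
    parses, so nothing in the payload is executed."""
    return sorted({op.name for op, _arg, _pos in pickletools.genops(raw)
                   if op.name in DANGEROUS_OPCODES})


# Check 2: an unpickler that refuses to resolve globals.
# Allowlist of (module, name) pairs the server will import. Empty here: a
# message made of dicts, lists, bytes and numbers needs no globals at all.
# Extend deliberately; never with os, subprocess or builtins entries.
ALLOWED_GLOBALS = frozenset()


class RestrictedUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to resolve global {module}.{name}")


def restricted_receive(raw):
    """Only check 2. Returns (True, obj) or (False, reason)."""
    try:
        return True, RestrictedUnpickler(io.BytesIO(raw)).load()
    except (pickle.UnpicklingError, EOFError, ValueError) as exc:
        return False, f"unpickling refused: {exc}"


def safe_receive(raw):
    """Both checks: the opcode scan rejects before any object is built, and the
    restricted unpickler catches anything the scan list might miss."""
    try:
        bad = dangerous_opcodes(raw)
    except ValueError as exc:  # truncated or malformed stream
        return False, f"malformed pickle: {exc}"
    if bad:
        return False, f"rejected opcodes: {bad}"
    return restricted_receive(raw)


if __name__ == "__main__":
    payload = build_malicious_payload()
    print("dangerous opcodes:", dangerous_opcodes(payload))
    print("safe_receive(malicious):", safe_receive(payload))
    print("safe_receive(benign):", safe_receive(build_benign_payload()))
    print("vulnerable_receive(malicious):", vulnerable_receive(payload))
```

The find_class allowlist is the "Restricting Globals" recipe from the CPython pickle documentation; the opcode scan is a cheap pre-filter that never builds objects. Neither replaces the fix the article implies: a network-facing service should carry observations and actions in a format that cannot execute code on load (protobuf messages on the gRPC channel, Safetensors for tensor data) and the channel itself should be authenticated and TLS-protected. Both checks also do nothing against resource exhaustion from very large or deeply nested pickles, so message size limits still belong in front of them.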