CVE-2025-43850: GHSL-2025-020_Retrieval-based-Voice-Conversion-WebUI
Description
Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to unsafe deserialization. The ckpt_dir variable takes user input (e.g. a path to a model) and passes it to the change_info function in export.py, which uses it to load the model on that path with torch.load, which can lead to unsafe deserialization and remote code execution. As of time of publication, no known patches exist.
Classification
CVE ID: CVE-2025-43850
CVSS Base Severity: HIGH
CVSS Base Score: 8.9
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
Problem Types
CWE-502: Deserialization of Untrusted DataAffected Products
Vendor: RVC-Project
Product: Retrieval-based-Voice-Conversion-WebUI
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.41% (probability of being exploited)
EPSS Percentile: 60.43% (scored less or equal to compared to others)
EPSS Date: 2025-06-03 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: none
SSVC Technical Impact: total
SSVC Automatable: true
References
https://nvd.nist.gov/vuln/detail/CVE-2025-43850https://securitylab.github.com/advisories/GHSL-2025-012_GHSL-2025-022_Retrieval-based-Voice-Conversion-WebUI/
https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/7ef19867780cf703841ebafb565a4e47d1ea86ff/infer/modules/onnx/export.py#L7
https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L1495
https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L1505