CVE-2024-10273 is an authorization vulnerability classified under CWE-863 found in the lunary-ai/lunary project, specifically in version 1.5.0. The issue stems from improper privilege management in the models.ts file, where the PATCH endpoint responsible for updating AI models lacks adequate authorization checks. This allows users assigned only viewer roles—who should have read-only access—to perform modifications on models owned by other users. The vulnerability does not require user interaction and can be exploited remotely over the network with low attack complexity and privileges. The impact is primarily on the integrity of the system, as unauthorized users can alter critical AI models, potentially leading to corrupted or manipulated outputs, undermining trust in the AI system. The CVSS v3.0 score is 6.5, reflecting a medium severity with no impact on confidentiality or availability but high impact on integrity. No public exploits have been reported yet, but the vulnerability poses a risk especially in environments where AI models are critical assets. The lack of patch links suggests that fixes may not yet be widely available, emphasizing the need for immediate mitigation steps by affected organizations.

For European organizations, the unauthorized modification of AI models can have significant consequences, especially in sectors relying heavily on AI for decision-making, such as finance, healthcare, and manufacturing. Integrity breaches could lead to incorrect model outputs, resulting in flawed business decisions, regulatory non-compliance, or safety risks. Since lunary-ai/lunary is an AI development platform, compromised models might propagate errors or malicious behaviors into production systems. This could damage organizational reputation and trust in AI solutions. The medium severity rating suggests that while the vulnerability is not critical, it is exploitable with relatively low privileges and no user interaction, increasing the risk of insider threats or lateral movement attacks. The absence of known exploits in the wild reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits once the vulnerability becomes more widely known.

Organizations should immediately review and tighten access controls on lunary-ai/lunary deployments, ensuring that viewer roles cannot perform any write or update operations. Implement strict role-based access control (RBAC) policies and validate all API endpoints for proper authorization checks. Conduct thorough code audits focusing on privilege management in the models.ts file and related components. Monitor logs and audit trails for unusual PATCH requests or modifications to models by low-privilege users. If possible, isolate AI model management systems from broader network access to reduce attack surface. Engage with lunary-ai vendor or community to obtain patches or updates addressing this vulnerability. Until patches are available, consider implementing compensating controls such as API gateways or web application firewalls (WAFs) to enforce authorization policies. Educate developers and administrators about the risks of improper authorization and the importance of secure coding practices.