CVE-2025-43846 is a high-severity vulnerability affecting the Retrieval-based-Voice-Conversion-WebUI (RVC-Project), a voice changing framework based on VITS technology. The vulnerability arises from unsafe deserialization of untrusted data in versions 2.2.231006 and earlier. Specifically, the variable ckpt_path1 accepts user input, which is then passed to the show_info function in the process_ckpt.py module. This function uses torch.load to load a model from the specified path. Since torch.load performs deserialization, if an attacker controls the input path, they can supply a maliciously crafted model file that, when deserialized, executes arbitrary code remotely. This leads to remote code execution (RCE) without requiring authentication or user interaction. The vulnerability is classified under CWE-502 (Deserialization of Untrusted Data). As of the publication date, no patches or fixes are available, increasing the risk for users of affected versions. The CVSS 4.0 score is 8.9 (high), reflecting the network attack vector, low attack complexity, no privileges or user interaction required, and high impact on confidentiality, integrity, and availability. No known exploits are currently in the wild, but the ease of exploitation and severity make this a critical concern for deployments of this software.

For European organizations using Retrieval-based-Voice-Conversion-WebUI, this vulnerability poses a significant risk. Successful exploitation allows attackers to execute arbitrary code remotely, potentially leading to full system compromise. This can result in data breaches, unauthorized access to sensitive voice data or models, disruption of voice conversion services, and lateral movement within networks. Organizations relying on this framework for voice-related applications, including telecommunications, media production, or accessibility services, could face operational downtime and reputational damage. The lack of available patches means organizations must rely on immediate mitigations to reduce exposure. Given the high impact on confidentiality, integrity, and availability, exploitation could also facilitate espionage or sabotage, especially in sectors where voice data is sensitive or regulated under GDPR and other European data protection laws.

Since no official patches exist, European organizations should implement the following specific mitigations: 1) Immediately restrict or disable any external user input that specifies model paths (ckpt_path1) to trusted, validated sources only. 2) Employ strict input validation and sanitization to prevent arbitrary file paths or malicious files from being loaded. 3) Run the Retrieval-based-Voice-Conversion-WebUI service in a sandboxed or containerized environment with minimal privileges to limit the impact of potential code execution. 4) Monitor and log all attempts to load models, especially those originating from untrusted sources, to detect suspicious activity. 5) Where possible, isolate the voice conversion service from critical network segments to reduce lateral movement risk. 6) Consider temporarily disabling the vulnerable functionality or the entire service until a patch is released. 7) Keep abreast of vendor announcements for patches and apply them promptly once available. 8) Conduct internal audits to identify all instances of the affected software within the organization.