PT-2026-5709 · Amazon · Amazon Sagemaker Python Sdk
Published: 2026-02-02 · Updated: 2026-02-02 · CVE-2026-1778
CVSS v4.0: 8.2 (High)
Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
Amazon SageMaker Python SDK versions prior to 3.1.1
Amazon SageMaker Python SDK versions prior to 2.256.0
Description
The SageMaker Python SDK disables TLS certificate verification for HTTPS connections when importing a Triton Python model. As a result, requests to servers presenting invalid or self-signed certificates succeed, potentially leading to remote code execution within the Triton container. With certificate verification disabled, third parties can intercept the HTTPS traffic and replace models or dependencies with inappropriate versions.
Recommendations
Versions prior to 3.1.1 should be upgraded to version 3.1.1 or later.
Versions prior to 2.256.0 should be upgraded to version 2.256.0 or later.
Customers using self-signed certificates for internal model downloads should add their private Certificate Authority (CA) certificate to the container image.
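To check the upgrade recommendations against a dependency file, the following added example (not code from the SDK or from this advisory's publisher) flags exact `sagemaker` pins that fall in the affected ranges. The function names and the sample requirements text are constructed for illustration, and the two ranges are read as one per release line (3.x, and 2.x or older), which is an assumption.

```python
import re

# Fixed releases per release line, taken from the advisory text above.
# Assumption: the two ranges apply per major line (3.x, and 2.x or older).
FIXED = {3: (3, 1, 1), 2: (2, 256, 0)}
# Exact pins such as "sagemaker==2.255.0" or "sagemaker[local]==3.1.0".
PIN = re.compile(r"^\s*sagemaker(?:\[[^\]]*\])?\s*==\s*([0-9]+(?:\.[0-9]+)*)", re.I)


def parse_version(text):
    """Turn '2.255.0' into (2, 255, 0); pad short versions with zeros."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))[:3]


def is_affected(version_text):
    """True when the version predates the fix for its release line."""
    version = parse_version(version_text)
    if version[0] >= 3:
        fixed = FIXED.get(version[0])  # no entry means no known affected range
        return fixed is not None and version < fixed
    return version < FIXED[2]  # 2.x and anything older


def audit_requirements(text):
    """Return (line_number, version, affected) for each exact sagemaker pin."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        match = PIN.match(line.split("#", 1)[0])  # ignore trailing comments
        if match:
            findings.append((number, match.group(1), is_affected(match.group(1))))
    return findings


# Constructed sample input, not taken from any real project.
SAMPLE = """\
boto3==1.34.0
sagemaker==2.255.0   # training image
sagemaker[local]==3.1.1
sagemaker-core==1.0.0
"""

if __name__ == "__main__":
    for number, version, affected in audit_requirements(SAMPLE):
        print(f"line {number}: sagemaker {version}:", "AFFECTED" if affected else "ok")
```

Only exact `==` pins are evaluated; range specifiers and unpinned entries need the resolved version from the environment or lock file instead.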
Fix
Improper Certificate Validation
Affected Products
Amazon Sagemaker Python Sdk