453 – Data and model poisoning

Description

Pre-training, fine-tuning, or embedding data is manipulated to alter the model's behavior, compromise integrity, or degrade performance.

Impact

- Alteration of the model's behavior. - Compromise of integrity. - Degradation of performance. - Increased error rates. - Embedding of malicious instructions.

Recommendation

- SSO and MFA to limit who can access your data and AI platform. - Enforce data quality checks on batch and streaming data before they make it to the datasets. - Validate and audit all training datasets. - Implement sandboxing.

Threat

Authenticated attacker from the Internet.

Expected Remediation Time

60 minutes.

Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

• Attack vector: N
• Attack complexity: H
• Attack Requirements: N
• Privileges required: L
• User interaction: N
• Confidentiality (VC): L
• Integrity (VI): L
• Availability (VA): L
• Confidentiality (SC): N
• Integrity (SI): N
• Availability (SA): N

Threat 4.0

• Exploit maturity: P

Requirements

• 173 - Discard unsafe inputs
• 262 - Verify third-party components
• 383 - Sandboxing to limit model exposure to unverified data sources

Last updated

2025/07/08