Since the subnet owners have refused to make a responsible disclosure to the community or pay out a reasonable bounty, I am instead publishing this in the hopes that miners of the subnet can confirm that they have not been compromised and to give the community insights into the security practices and attitudes of the subnet owners.
Validators with more than 1024 TAO staked had the ability to execute arbitrary code on the miner's machine (RCE) via the Specs synapse using a subprocess call from Python. There were no checks in place at all on what could be run or what could be returned. Anything from miners' hotkeys being exposed to installing malicious packages (potentially extracting cold keys) on hosts could have been possible.
The Specs synapse accepts app_data from a validator that is dumped into a file and executed on the miner's machine here before returning the output back to the caller. There is no validation of the input or output here.
This vulnerability appears to have been introduced 5 months ago in this commit and existed in production until Aug 6 2024 in this release, when it was resolved ~24 hours after I made the responsible disclosure to the team.
Unfortunately, this is a very hard question to answer; there is no evidence that this has or hasn't been exploited. If miners see log lines like this one
bt.logging.info(f"💻 Specs query queuing {request_id} ...")
then it's possible that malicious code was run on their machine.
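A miner can triage saved logs for that marker with a script like the one below. This is an added example, not code from the original post or from the subnet; the timestamp layout of the log lines and the sample lines themselves are assumptions constructed for illustration. A hit only shows that a Specs query was queued on that day, not that the payload was malicious.

```python
import re
from collections import Counter

# Marker text taken from the log statement quoted above.
MARKER = "Specs query queuing"
# Assumed layout: optional "YYYY-MM-DD HH:MM:SS" prefix, later the marker
# followed by the request id. Lines without a timestamp are still matched.
LINE_RE = re.compile(
    r"^(?:(?P<date>\d{4}-\d{2}-\d{2})[ T]\d{2}:\d{2}:\d{2}\S*)?"
    r".*?" + re.escape(MARKER) + r"\s+(?P<rid>\S+)"
)

def find_specs_queries(lines):
    """Return one record per log line showing that a Specs query was queued."""
    hits = []
    for lineno, line in enumerate(lines, start=1):
        if MARKER not in line:
            continue
        m = LINE_RE.search(line)
        hits.append({
            "lineno": lineno,
            "date": m.group("date") if m else None,
            "request_id": m.group("rid") if m else None,
        })
    return hits

def summarize(hits):
    """Count hits per day so the operator knows which periods to review."""
    return Counter(h["date"] or "unknown-date" for h in hits)

# Constructed sample log lines (not real miner output).
SAMPLE_LOG = """\
2024-07-30 10:15:02.114 | INFO | 💻 Specs query queuing req-0001 ...
2024-07-30 10:15:03.001 | INFO | Allocation check ok
2024-08-02 23:59:41.870 | INFO | 💻 Specs query queuing req-0002 ...
💻 Specs query queuing req-0003 ...
""".splitlines()

if __name__ == "__main__":
    found = find_specs_queries(SAMPLE_LOG)
    for hit in found:
        print(hit)
    print(dict(summarize(found)))
```

To run it against a real log, pass the open file object to `find_specs_queries` in place of `SAMPLE_LOG`.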
I made this disclosure to the team in good faith and prioritized helping them to quickly mitigate the security hole that could have been actively exploited vs attempting to extort them to pay a bounty before disclosing the issue. The team has refused to pay out any reasonable security bounty (they offered 5 TAO) and has also stated that the disclosure they made to the community here is sufficient although it lacks any information on what happened or how a miner may have been impacted. We, as a community, HAVE to do better with security.