CloudLinux has released a fix for a critical remote code execution (RCE) vulnerability in AI-bolit, the malware scanner component bundled with ImunifyAV and Imunify360 widely deployed by Linux hosting providers. Under certain scan conditions, an attacker could trigger arbitrary command execution on the host. Upgrading to AI-bolit 32.7.4.0 or newer addresses the flaw; a CVE ID has not yet been assigned.
Who is affected and why it matters for hosting providers
ImunifyAV/Imunify360 operate at the platform level to protect Linux-based websites. According to vendor statistics from October 2024, Imunify safeguards over 56 million websites, and Imunify360 counts more than 645,000 installations. Even though individual site owners seldom interact with AI-bolit directly, the vulnerability impacts the underlying hosting infrastructure they rely on.
Technical analysis: how AI-bolit’s deobfuscation led to RCE
The issue resides in the deobfuscation logic of AI-bolit prior to 32.7.4.0. During analysis of obfuscated PHP files, the scanner used call_user_func_array without sufficiently validating inputs derived from the scanned content. A crafted file could therefore substitute the function name the scanner ended up calling: as AI-bolit attempted to deobfuscate the code, it could inadvertently invoke sensitive PHP functions, including those that spawn system commands, resulting in remote code execution on the host running the scan.
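The bug class side by side with its fix, as an added example that is not AI-bolit's own code: a toy unwrapper for nested decoder calls in a scanned PHP sample, first with the file-supplied name handed straight to call_user_func_array, then with a fixed allowlist of pure decoders (the regex, the allowlist contents and the sample strings are assumptions).

```php
<?php
// Added illustration, not AI-bolit's code. A scanner's deobfuscator keeps
// replacing the innermost wrapper("literal") with its decoded literal.

// Matches name('literal') / name("literal") with no nested call inside.
const WRAPPER_RE = '/\b(\w+)\(\s*([\'"])([^\'"]*)\2\s*\)/';

// Vulnerable pattern: the callee name comes from the scanned file itself,
// so the file, not the scanner, decides which PHP function runs.
function unwrap_unsafe(string $code): string
{
    if (!preg_match(WRAPPER_RE, $code, $m, PREG_OFFSET_CAPTURE)) {
        return $code;
    }
    $out = call_user_func_array($m[1][0], [$m[3][0]]);
    return substr_replace($code, var_export((string) $out, true), $m[0][1], strlen($m[0][0]));
}

// Hardened pattern: only side-effect-free decoders may be invoked, any other
// name is left as inert text, and the unwrap depth is bounded.
const ALLOWED_DECODERS = ['base64_decode', 'str_rot13', 'gzinflate', 'strrev'];

function unwrap_safe(string $code, int $maxDepth = 8): string
{
    for ($i = 0; $i < $maxDepth; $i++) {
        if (!preg_match(WRAPPER_RE, $code, $m, PREG_OFFSET_CAPTURE)) {
            return $code;
        }
        $fn = strtolower($m[1][0]);
        if (!in_array($fn, ALLOWED_DECODERS, true)) {
            return $code; // unknown wrapper: stop here, never call it
        }
        $out = @call_user_func($fn, $m[3][0]);
        if (!is_string($out)) {
            return $code; // decoder rejected the data: keep original text
        }
        $code = substr_replace($code, var_export($out, true), $m[0][1], strlen($m[0][0]));
    }
    return $code;
}

// Constructed, benign samples: a doubly wrapped payload and a file that names
// a wrapper outside the allowlist.
$payload = 'echo 1;';
$nested  = "eval(str_rot13(base64_decode('" . base64_encode(str_rot13($payload)) . "')));";
$unknown = "eval(some_wrapper('abc'));";
echo unwrap_safe($nested), PHP_EOL;   // decoders unwrapped, eval() left untouched
echo unwrap_safe($unknown), PHP_EOL;  // returned unchanged: some_wrapper is never called
```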
Prerequisites for exploitation and configuration nuances
Researchers at Patchstack note that exploitation becomes feasible when deobfuscation is enabled during scanning. In standalone CLI mode, AI-bolit ships with deobfuscation disabled by default. However, within Imunify360, deobfuscation is forcibly enabled for background, scheduled, on-demand, and quick scans—creating the conditions necessary for exploitation on many production systems.
Timeline, fixes, and recommended versions
CloudLinux issued patches in late October 2025 and later backported the fix to older Imunify360 AV branches on November 10. The current security guidance instructs all customers to update to AI-bolit 32.7.4.0 or later. Administrators should verify both the AI-bolit component version and the ImunifyAV/Imunify360 package versions across all environments—production, staging, and standby nodes.
Shared hosting impact: elevated privileges amplify risk
On shared hosting platforms, scanners commonly run with elevated privileges to traverse all user accounts. In this context, a successful RCE can lead to full server compromise: cross-tenant data access, privilege escalation, lateral movement, and installation of persistent backdoors. Researchers have published a proof-of-concept demonstrating practical exploitability, increasing the urgency of patching in environments where attacker-supplied or obfuscated PHP code is routinely scanned.
Mitigation guidance for hosting and enterprise Linux environments
Update immediately: confirm AI-bolit and ImunifyAV/Imunify360 versions and upgrade to 32.7.4.0+. Ensure the fix is rolled out uniformly across clusters, replicas, and backup nodes to avoid downgrade paths.
Enforce least privilege: run scanners with minimum necessary rights. Limit access to system utilities and inter-user directories. Use OS-level isolation—namespaces, cgroups, LVE, or similar—to prevent cross-account impact if a scanner is compromised.
Harden configuration: for standalone AI-bolit, keep deobfuscation disabled unless operationally required; when using Imunify360, rely on the patched build since deobfuscation is enabled by design for most scan modes.
Strengthen monitoring and response: enable detailed scan logging and behavior analytics. Alert on unusual PHP function invocations and command execution patterns. As a temporary safeguard, consider restricting risky PHP functions via php.ini (disable_functions) and aligning WAF rules—ensuring compatibility with hosted applications.
Security tooling often runs with broad privileges, making vulnerabilities in these components particularly consequential. Hosting and enterprise Linux teams should prioritize the AI-bolit 32.7.4.0 update, reassess privilege models for scanners, and tighten monitoring. Rapid patch management combined with defense-in-depth substantially reduces the likelihood and blast radius of compromise.