CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Artificial Intelligence

ChatGPT Vulnerability Exposed Underlying Cloud Infrastructure

A researcher found a way to exploit an SSRF vulnerability related to custom GPTs to obtain an Azure access token. The post ChatGPT Vulnerability Exposed Underlying Cloud Infrastructure appeared first on SecurityWeek.

ChatGPT vulnerability

A researcher has disclosed the details of a recently patched ChatGPT vulnerability that may have exposed some of the AI chatbot’s underlying cloud infrastructure.

Jacob Krut, a bug bounty hunter and security engineer at Open Security, discovered the vulnerability while working on creating a custom GPT —a personalized version of ChatGPT tailored to a specific purpose or area of expertise.

The researcher found the weakness in the ‘Actions’ section, where users define how the custom GPT can interact with external services via APIs. The feature relied on user-provided URLs that were not properly validated, allowing an attacker to conduct a server-side request forgery (SSRF) attack.

SSRF vulnerabilities can be exploited using specially crafted URLs to make unauthorized requests to internal network resources that the attacker would normally not be able to access. 

In the case of ChatGPT, Krut was able to exploit the vulnerability to query a local endpoint associated with the Azure Instance Metadata Service (IMDS), an Azure cloud platform component used for application configuration and management. 

The IMDS identity authenticates the service to other resources. By obtaining the ChatGPT Azure IMDS identity’s access token, the researcher could have gained access to the underlying Azure cloud infrastructure used by OpenAI.

The vulnerability was reported to OpenAI through its bug bounty program on the BugCrowd platform. The researcher said the vendor assigned it a ‘high severity’ rating and quickly patched it.  

It’s unclear if a bug bounty has been paid out for the security hole. In May, OpenAI started offering up to $100,000 for critical vulnerabilities, but the average payout in the past three months has been less than $800, and the highest publicly listed reward since May was $5,000.

“This SSRF in ChatGPT’s Custom GPT Actions is a textbook example of how small validation gaps at the framework layer can cascade into cloud-level exposure and highlights the severity of this often-overlooked attack vector,” said Christopher Jess, senior R&D manager at application security firm Black Duck.

“SSRF has been in the OWASP Top 10 since 2021 because of precisely this potential blast radius: a single server-side request can pivot into internal services, metadata endpoints, and privileged cloud identities,” Jess added.

Related: ChatGPT Targeted in Server-Side Data Theft Attack

Related: Researchers Hack ChatGPT Memories and Web Search Features

Related: AI Sidebar Spoofing Puts ChatGPT Atlas, Perplexity Comet and Other Browsers at Risk

Related: ChatGPT Tricked Into Solving CAPTCHAs

Latest News

CYBERNEWSMEDIAPublisher