Image: zer0yu
A newly disclosed server-side request forgery (SSRF) vulnerability, tracked as CVE-2024-27564, has become a significant target for cybercriminals, with over 10,479 attack attempts recorded from a single malicious IP, according to Veriti’s latest research. The flaw, which affects OpenAI’s ChatGPT infrastructure, enables attackers to inject malicious URLs into input parameters, forcing the application to make unintended requests on their behalf.
Despite being classified as a medium-severity issue, Veriti’s findings reveal that 35% of organizations remain unprotected due to misconfigurations in their Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), and general firewall settings. The report emphasizes a crucial reality in cybersecurity: “No vulnerability is too small to matter, attackers will exploit any weakness they can find.”
The real-world impact of this vulnerability is already being felt across multiple industries, with financial institutions emerging as prime targets due to their reliance on AI-driven services and API integrations. Attackers leveraging SSRF exploits against such organizations pose severe risks, including:
- Data breaches
- Unauthorized financial transactions
- Regulatory penalties
- Significant reputational damage
“Ignoring medium-severity vulnerabilities is a costly mistake, particularly for high-value financial organizations,” warns Veriti’s report.
While financial institutions remain a key focus for attackers, government organizations in the U.S. have also been among the most targeted sectors. Over 10K attack attempts have been detected in just one week, highlighting the scale and intensity of the threat.
Furthermore, multiple attacker IPs have been identified as actively exploiting CVE-2024-27564, including:
- 31.56.56[.]156
- 38.60.191[.]7
- 94.156.177[.]106
- 159.192.123[.]190
- …and several others.
A common security misstep is prioritizing only critical and high-severity vulnerabilities. However, Veriti’s findings reinforce that attackers exploit whatever works, regardless of severity rankings.
“A once-ignored vulnerability can quickly become a favorite attack vector. Automated attacks scan for weaknesses, not severity scores, and misconfigurations create easy entry points.”
This SSRF flaw in OpenAI’s ChatGPT ecosystem serves as a prime example of why cybersecurity teams must remain vigilant against all threats, not just the ones flagged as high or critical.
The report urges security teams to take immediate action to mitigate these risks:
- Review Security Configurations: Security teams should check their Intrusion Prevention Systems (IPS), Web Application Firewalls (WAFs), and firewall configurations to ensure they are adequately protected against CVE-2024-27564
- Monitor for Malicious Activity: It is crucial to monitor logs for attack attempts, especially those originating from known attacker IP addresses.
- Prioritize AI Security: Organizations should prioritize addressing security gaps related to their AI-related services and API integrations in their risk assessments.
Related Posts:
- AI’s Dark Side: Hackers Harnessing ChatGPT and LLMs for Malicious Attacks
- The Dark Side of ChatGPT: Trade Secret Leaks in Samsung
- ChatGPT Crawler Vulnerability: DDoS Attacks via HTTP Requests
