Publicly available GenAI development apps open to exploitation
New research from Legit Security shows that widely available GenAI development services risk exposing sensitive information and leaking secrets.
Legit's analysis of unprotected vector databases found that 30 of the servers investigated contained corporate or private data, including company email conversations, customer PII, product serial numbers, financial records, resumes, and contact information.
In addition, three vector databases, hosted on two of the most popular platforms and belonging to companies in the engineering services, fashion, and industrial equipment sectors, contained documents, media summaries, customer details, and purchase information.
Legit has contacted the owners of those publicly exposed servers, and most have now blocked access to them.
Exposed secrets include OpenAI and Pinecone API keys, GitHub access tokens, and URLs containing database passwords. The researchers also found the applications' configurations and LLM prompts fully exposed, which could help attackers craft prompt-based exploits further down the road.
Naphtali Deutsch, formerly of Israeli Military Intelligence and now a security researcher at Legit, writes on the company's blog, "When you deploy vector database software on a self-hosted server, an attacker may exploit vulnerabilities that exist on that software, and, for example, gain remote code execution or privilege escalation on that server. The risk is even more significant when using outdated software, where vulnerabilities are well known and easily exploited."
To protect against these threats, Deutsch recommends preventing unnecessary access to databases and AI services, monitoring and logging activity on AI platforms, keeping software up to date, and masking sensitive details in data before using it in an LLM.
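The last of those recommendations can be illustrated with a minimal sketch. This is not Legit's tooling; the regex patterns below are illustrative assumptions about common secret and PII formats (emails, OpenAI-style keys, GitHub tokens, passwords embedded in database URLs), and a real deployment would use a dedicated secret scanner or DLP tool instead:

```python
import re

# Illustrative patterns only; production systems should use a purpose-built
# secret scanner or DLP service rather than ad-hoc regexes.
PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+"),
    "openai_key": re.compile(r"sk-[A-Za-z0-9]{20,}"),
    "github_token": re.compile(r"gh[pousr]_[A-Za-z0-9]{36,}"),
    "db_url_password": re.compile(r"(://[^:/\s]+:)[^@\s]+(@)"),
}

def mask_sensitive(text: str) -> str:
    """Replace matches of each pattern with a labelled placeholder."""
    for label, pattern in PATTERNS.items():
        if label == "db_url_password":
            # Keep the URL structure, redact only the password component.
            text = pattern.sub(r"\1[REDACTED]\2", text)
        else:
            text = pattern.sub(f"[{label.upper()}]", text)
    return text

prompt = ("Contact alice@example.com, key sk-abcdefghijklmnopqrstuvwx, "
          "db postgres://admin:s3cret@host/db")
print(mask_sensitive(prompt))
# → Contact [EMAIL], key [OPENAI_KEY], db postgres://admin:[REDACTED]@host/db
```

Running the masking step before any text reaches an LLM or a vector database means that even if the store is later exposed, the leaked records no longer contain live credentials or customer contact details.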
You can read more on the Legit Security blog.
Image credit: sdecoret/depositphotos.com