Summary: A newly disclosed server-side request forgery (SSRF) vulnerability, CVE-2024-27564, affecting OpenAI’s ChatGPT infrastructure has led to over 10,479 attack attempts from a single malicious IP. Although the vulnerability is classified as medium severity, many organizations remain unprotected because of misconfigurations in their security systems, which makes them prime targets for cybercriminals. Financial institutions and government organizations are particularly at risk, which highlights the need for proactive security measures against all vulnerabilities.
Affected: OpenAI’s ChatGPT infrastructure
Keypoints:
- Over 10K attack attempts detected from a single malicious IP exploiting CVE-2024-27564.
- 35% of organizations lack protection due to misconfigurations in security systems.
- Financial institutions and U.S. government organizations are among the most targeted sectors.
- Ignoring medium-severity vulnerabilities can lead to costly breaches and reputational damage.
- Immediate action suggested: review security configurations, monitor for malicious activity, and prioritize AI security.
Source: https://securityonline.info/cve-2024-27564-attackers-exploit-openai-vulnerability-in-the-wild/