CyRC Vulnerability Advisory: CVE-2024-5184s Prompt Injection in EmailGPT Service

Security Awareness | Security Operations | Threat Intelligence

Researchers at Synopsys are warning EmailGPT users to remove the application from their networks immediately. The AI tool, that is developed to streamline your email management process with AI capabilities, is found containing prompt injection vulnerabilities that allows attacks to overwrite instructions, change the behaviour or the AI and exfiltrate data from the AI system, somewhat like what happened with GitHub Copilot leaking intellectual property

Posted: Thursday, Jun 06

KBI.Media
$
CyRC Vulnerability Advisory: CVE-2024-5184s Prompt Injection in EmailGPT Service

CyRC Vulnerability Advisory: CVE-2024-5184s Prompt Injection in EmailGPT Service

The Synopsys Cybersecurity Research Center (CyRC) has exposed prompt injection vulnerabilities in the EmailGPT service. EmailGPT is an API service and Google Chrome extension that assist users in writing emails inside Gmail using OpenAI’s GPT models.

The service uses an API service that allows a malicious user to inject a direct prompt and take over the service logic. Attackers can exploit the issue by forcing the AI service to leak the standard hard-coded system prompts and/or execute unwanted prompts.

Exploitation

When engaging with EmailGPT by submitting a malicious prompt that requests harmful information, the system will respond by providing the requested data. This vulnerability can be exploited by any individual with access to the service.

Affected Software

EmailGPT “main” branch

Impact

Exploitation of this vulnerability would lead to intellectual property leakage, denial-of-service, and direct financial loss through an attacker making repeated requests to the AI provider’s API which are pay-per-use.

CVSS Base Score: 6.5 (Medium)
CVSS 3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Remediation

The CyRC reached out to the developers but has not received a response within the 90-day timeline dictated by our responsible disclosure policy. The CyRC recommends removing the applications from networks immediately.

Discovery Credit

This vulnerability was discovered by Mohammed Alshehri, a security researcher at Synopsys.

Timeline

February 26, 2024: Initial contact attempt

April 4, 2024: Second contact attempt

May 1, 2024: Final contact attempt

June 5, 2024: Advisory published by Synopsys

References

https://github.com/Coeeter/emailgpt

About CVSS

FIRST.Org, Inc (FIRST) is a non-profit organisation based out of US that owns and manages CVSS. It is not required to be a member of FIRST to utilise or implement CVSS but FIRST does require any individual or organisation give appropriate attribution while using CVSS. FIRST also states that any individual or organisation that publishes scores follow the guideline so that anyone can understand how the score was calculated.

Independent Cyber News.

Exploitation

Affected Software

Impact

Remediation

Discovery Credit

Timeline

References

About CVSS

In Other News…

Teresa Anania Joins Sophos as Chief Customer Officer

Check Point Software Announces New CEO & Reports Strong 2024 Second Quarter Results

Secure Code Warrior Introduces Industry-first Solution that Measures Developers’ Security Competencies for Code Commits

Recent Articles

The New Ransomware Threat Targeting Global Institutions

Exploring Opportunities, Fears, and the Future with AI

Bridging the Gap: Uniting IT Teams for Effective Cybersecurity

Insights from Cisco Live: What’s Cooking?

Business News

Tech News

Global News

Our Podcasts

Partner With KBI

Content Production

Business News

Tech News

Global News

KBI.FM - The Cyber Podcast Network

Threats & Reports