Cyber Security researchers have revealed a serious security defect on the Lightning AI Studio development platform.
The vulnerability that is evaluated as the CVSS score is 9.4 enables the use of a hidden URL parameter to “the attacker to potentially execute any command with route authority”.
“This level can be hypothesized for a variety of malicious activities, such as extracting sensitive keys from the target account,” he said, “he said. Gal Moyal said.
This problem is built into the JavaScript code that promotes the victim’s free access to the development environment and can execute any command with a target that is authenticated by privileged context.
NOMA is a user-specific URLS (eg, Lightning.ai/profile_username/studio_path/fullscreen=true & MVZC …) He said that a hidden parameter was found. Give the Base64 encoding order executed on the basic host.
Even worse, the loophole may weapon to run important information such as access tokens and user information to an attacker control server.
The success of the vulnerability is that the enemy can execute any privileged command, acquire route access, harvest sensitive data, operate the file system to create, delete, or change files on the server. It means to do it.
What the attacker needs to quit this is the profile user name, the related Lightning AI Studio, and the details released from the Studio Templates Gallery.
By armed with this information, threat actors can create malicious links and trigger code execution under the root access permit in an identified studio. Following the responsible disclosure on October 14, 2024, the problem was solved by the Lightning AI team as of October 25.
“These vulnerabilities emphasize the importance of mapping and security of tools and systems used for building, training, and deployment of AI models for sensitive properties,” said researchers. 。
Source link
