UPDATED 08:00 EST / JUNE 05 2024

SECURITY

Synopsys researchers uncover prompt injection vulnerability in EmailGPT

The emergence of generative artificial intelligence services has produced a steady increase in what is typically referred to as “prompt injection” hacks, manipulating large language models through logic rather than exploiting traditional security vulnerabilities.

However, the difference between the two is starting to blend. The Synopsys Cybersecurity Research Center warns today of a new prompt injection that exploits a security vulnerability, rather than logic alone, to steal data. The vulnerability was found in EmailGPT, an application programming interface service and Google Chrome extension that assists users in writing emails inside Gmail using OpenAI’s GPT models.

EmailGPT uses an API service that has been found to allow a malicious actor to inject direct prompts and take over the service logic. Using the vulnerability, attackers can force the AI service to leak standard hard-coded systems prompts or execute unwanted prompts.

When engaging with EmailGPT, an attacker can submit a malicious prompt that requests harmful information and the system will respond by providing the requested data. The vulnerability can also be executed by anyone who has access to the service.

When exploited, the vulnerability can lead to intellectual property leakage, denial-of-service and direct financial loss through an attacker making repeated requests to the AI provider’s API, which are pay-per-use.

The vulnerability has a Common Vulnerability Scoring System score of 6.5, indicating a medium severity.

The Synopsys CyRC researchers reached out to the developers of EmailGPT before going public with the details, adhering to their responsible disclosure policy. The company had not responded to Synopsys as of the time of writing despite multiple attempts to obtain a response over a 90-day period.

When it comes to security issues such as those involving CVSS scores, there is usually some workaround or way to overcome the issue at hand. However, in this case, the researchers simply recommend immediately removing EmailGPT from any installations.

Image: EmailGPT

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU