New research from Legit Security has found that widely available GenAI development services pose a risk of exposing sensitive information and leaking secrets.
Legit's analysis of the unsecured vector databases it found revealed that the 30 servers surveyed contained corporate or personal data, including company email conversations, customer personal information, product serial numbers, financial records, resumes and contact information.
Additionally, three vector databases from the two most popular platforms, belonging to companies in the engineering services, fashion and industrial equipment sectors, contained documents, media summaries, customer details and purchase information.
Legit has contacted the owners of the exposed servers, and access to most of them has since been blocked.
The exposed secrets include URLs containing OpenAI and Pinecone API keys, GitHub access tokens, and database passwords. All configurations and LLM prompts for these applications were also exposed, which could let an attacker tailor attacks against those prompts in the future.
“Deploying Vector database software on a self-hosted server could allow an attacker to exploit vulnerabilities in that software, for example to gain remote code execution or privilege escalation on that server,” Naphtali Deutsch, a former Israeli military intelligence officer and now a security researcher at Legit, wrote in the company's blog. “The risk is even greater when using older software with well-known and easily exploitable vulnerabilities.”
To protect against these threats, Deutsch recommends restricting access to databases and AI services to what is actually needed, monitoring and logging activity on AI platforms, keeping software up to date, and masking sensitive information in data before feeding it to LLMs.
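The last of those recommendations, masking secrets before documents reach an LLM or vector store, is the one most directly tied to what Legit found (API keys in URLs, access tokens, database passwords). The following is an added illustration, not code from Legit Security or from any of the products involved: a small pre-ingestion filter that redacts credentials embedded in URLs (userinfo passwords and sensitive query parameters) and bare API tokens in free text. The token prefixes it matches (`sk-` for OpenAI, `ghp_`/`github_pat_` for GitHub, `pcsk_` for Pinecone) and the list of sensitive query-parameter names are assumptions for the example, as is the sample document, which is constructed and contains no real secrets.

```python
import re
from typing import List, Tuple
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Assumed token formats (based on publicly documented key prefixes, not on the
# article). Real deployments should tune these to the providers they use.
TOKEN_PATTERNS = {
    "openai_api_key": re.compile(r"(?<![A-Za-z0-9])sk-[A-Za-z0-9_-]{20,}"),
    "github_token": re.compile(
        r"(?<![A-Za-z0-9])(?:gh[pousr]_[A-Za-z0-9]{36,}|github_pat_[A-Za-z0-9_]{22,})"
    ),
    "pinecone_api_key": re.compile(r"(?<![A-Za-z0-9])pcsk_[A-Za-z0-9_-]{20,}"),
}

# Assumed list of query-parameter names that usually carry credentials.
SENSITIVE_QUERY_KEYS = {"api_key", "apikey", "key", "token", "access_token", "password", "secret"}

# Anything that looks like scheme://... up to whitespace or a quote.
URL_RE = re.compile(r"\b[a-z][a-z0-9+.-]*://[^\s\"'<>]+", re.IGNORECASE)


def redact_url(url: str) -> Tuple[str, List[str]]:
    """Strip userinfo passwords and sensitive query values from one URL."""
    parts = urlsplit(url)
    findings: List[str] = []
    netloc = parts.netloc

    # user:password@host  ->  user:[REDACTED]@host (covers DB connection strings)
    if parts.password is not None:
        host = parts.hostname or ""
        if parts.port is not None:
            host = f"{host}:{parts.port}"
        netloc = f"{parts.username or ''}:[REDACTED]@{host}"
        findings.append("url_userinfo_password")

    # ?api_key=...  ->  ?api_key=[REDACTED]
    pairs = []
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key.lower() in SENSITIVE_QUERY_KEYS:
            findings.append(f"url_query:{key}")
            value = "[REDACTED]"
        pairs.append((key, value))
    query = urlencode(pairs, safe="[]") if pairs else parts.query

    return urlunsplit((parts.scheme, netloc, parts.path, query, parts.fragment)), findings


def redact_secrets(text: str) -> Tuple[str, List[str]]:
    """Return (redacted_text, findings) for a document about to be embedded.

    URLs are handled first so credentials hidden in connection strings and
    query parameters are caught even when they do not match a known token
    shape; bare tokens anywhere in the text are then replaced by pattern.
    """
    findings: List[str] = []

    def _sub_url(match: "re.Match[str]") -> str:
        new_url, url_findings = redact_url(match.group(0))
        findings.extend(url_findings)
        return new_url

    text = URL_RE.sub(_sub_url, text)
    for name, pattern in TOKEN_PATTERNS.items():
        text, count = pattern.subn(f"[REDACTED:{name}]", text)
        findings.extend([name] * count)
    return text, findings


# Constructed sample document; every credential below is fake.
SAMPLE_DOC = (
    "Ingest notes: export OPENAI_API_KEY=sk-abcdefghijklmnopqrstuvwxyz123456\n"
    "Pinecone endpoint https://index-1.svc.pinecone.io/query?api_key=pcsk_0123456789abcdefghijklmnop\n"
    "Deploy with GITHUB_TOKEN=ghp_0123456789abcdefghijklmnopqrstuvwxyz\n"
    "DB: postgres://app:s3cretPass@db.internal:5432/prod\n"
    "Customer invoice 4471 shipped to Berlin.\n"
)


def demo() -> Tuple[str, List[str]]:
    """Run the filter over the sample document (what an ingestion hook would do)."""
    return redact_secrets(SAMPLE_DOC)


if __name__ == "__main__":
    redacted, found = demo()
    print(redacted)
    print("findings:", found)
```

Run as a pre-ingestion hook, the filter keeps the business content ("Customer invoice 4471 shipped to Berlin.") while replacing each credential with a placeholder, and the returned findings list is what you would log or alert on. It is a mitigation for the leaked-secrets half of the problem only; it does nothing for a database that is itself reachable without authentication, which is the access-control point in the first recommendation.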
For more information, see the Legit Security blog.
Image credit: sdecoret/depositphotos.com