low

Amazon Q for Business Data Exfiltration

Published Thu, Jan 18th, 2024

Platforms

aws

Summary

An Indirect Prompt Injection attack can cause the LLM to return markdown tags. This allows an adversary who’s data makes it into the chat context (e.g via an uploaded file) to achieve data exfiltration of the victim’s data by rendering hyperlinks.

Affected Services

Amazon Q

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://embracethered.com/blog/posts/2024/aws-amazon-q-fixes-markdown-rendering-vulnerability/

Contributed by https://github.com/ramimac

Entry Status

Finalized

Disclosure Date

Mon, Dec 4th, 2023

Exploitability Period

-

Known ITW Exploitation

-

Detection Methods

None

Piercing Index Rating

-

Discovered by

Johann Rehberger

More vulnerabilities...

high

Microsoft Healthcare Chatbot Vulnerabilities

azure

Multiple vulnerabilities in Microsoft's Azure Health Bot service were discovered, allowing access to sensitive infrastructure and confidential medical data. Issues included sandbox escapes, unrestr...

Yanir Tsarimi, Breachproof
high

Amazon Cognito Rate Limit Bypass Vulnerability

aws

A rate limit bypass vulnerability was discovered in Amazon Cognito, allowing attackers to potentially brute-force login credentials, password reset PINs, and MFA codes by sending requests in parall...

Daniel Lümmel, LuemmelSec
high

Azure Pipelines Agent poisoned pipeline execution

azuregithub

Azure Pipelines and GitHub Actions allow deployment of runners and agents using VM images sourced from a GitHub-managed repository (github.com/actions/runner-images). This repo was misconfigured to...

Adnan Khan
View all