ShadowRay Exploit Endangers AI Data; Firms Face Billion-Dollar Risks
March 28, 2024A critical vulnerability named ShadowRay was discovered in the Ray AI framework, identified as CVE-2023-48022.
The ShadowRay flaw lets attackers issue system commands through Ray's job submission API, potentially accessing all nodes in a cluster and retrieving sensitive credentials.
Anyscale, the Ray framework's maintainer, has patched four out of six identified vulnerabilities but downplays the severity of the remote code execution (RCE) issue.
Cybersecurity group Oligo warns that the RCE vulnerability is being actively exploited, posing a threat to AI workloads and company data across multiple high-profile firms.
Financial damages from the exploitation of this vulnerability over a seven-month period could amount to an estimated $1 billion.
Compromised systems have leaked access to Kubernetes API and Slack tokens, increasing the risk of further security breaches.
Oligo suspects a sophisticated hacking group is behind the ShadowRay campaign and urges organizations to enhance security measures beyond relying on framework updates.
Summary based on 3 sources
Get a daily email with more Tech stories
Sources
VentureBeat • Mar 27, 2024
‘ShadowRay’ vulnerability on Ray framework exposes thousands of AI workloads, compute power and dataTechRadar pro • Mar 27, 2024
Ray framework flaw exploited for hackers to breach serversSecurityWeek • Mar 27, 2024
Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters