A new report from Wallarm, the end-to-end API and application security company, shows that AI has a major Application Programming Interface (API) problem. The report reveals a significant uptick in sophisticated cyber threats targeting the APIs of AI infrastructure products. As more AI products and tools rely on APIs, they become increasingly exposed to new and potentially critical API security risks.
DevOps and developer tools are another route for attackers: API vulnerabilities span commonly used DevOps tools and development frameworks, and both contribute to the overall exposure.
Examples include mistakes in early AI development cycles that have created vulnerabilities for organizations ranging from industry giants like Mercedes-Benz to tech innovators like NVIDIA (Triton Inference Server), ZenML, and Hail.
Mercedes-Benz
A major API leak gave unrestricted access to the company's source code and GitHub Enterprise instance, exposing cloud keys and internal documents. Because of the extent of the exposure to critical breaches and destructive attacker behaviour, the report ranks this as the worst threat of 2024 so far.
ZenML
ZenML is a platform used by thousands of top-tier companies like Airbus and Goodyear for standardizing MLOps workflows. The company faced a critical API vulnerability, giving attackers unauthorized access to ZenML accounts.
The ZenML takeover via the account activation REST API vulnerability (CVE-2024-25723) ranks second because of the simplicity of the exploit and its potential to grant widespread, unauthorized access to the MLOps workflows of thousands of enterprises.
GitLab
A deceptively simple attack via the account takeover vulnerability (CVE-2023-7028) allowed attackers to intercept password reset codes sent by email, potentially letting them commandeer an organization's entire GitLab instance.
NVIDIA
The NVIDIA AI platform path traversal exploit (CVE-2023-31036) had the potential for severe and wide-ranging consequences for NVIDIA customers, including code execution and privilege escalation. NVIDIA was quick to act, which apparently kept it out of the top spot.
Grafana
The Grafana exploit (CVE-2024-1442) gave users who hold data source creation permissions the ability to grant read, query, edit and delete access to all data sources within the organization. This is still under investigation and could escalate.