Date: 2025-08-19

Threat actors could exploit critical cross-site scripting vulnerabilities in Lenovo's GPT-4-powered artificial intelligence chatbot Lena to facilitate malicious code injections and session cookie theft through a single prompt, reports Cybernews.
A single prompt is enough to exfiltrate active session cookies, an analysis from Cybernews researchers showed. The prompt opens with an inquiry for legitimate information, follows with instructions to modify the output format and generate an HTML-based output, and then includes further orders to produce the requested image. While the HTML output is being produced, which eventually includes instructions for obtaining resources from an attacker-controlled server, the malicious code infiltrating Lenovo's systems is executed. Threat actors then request communications with a human support agent, putting the firm's customer support systems at risk of being compromised using previously secured cookies. "It may also be possible to execute some system commands, which could allow for the installation of backdoors and lateral movement to other servers and computers on the network," the researchers said.