LLM4Shell: Discovering and Exploiting RCE Vulnerabilities in Real-World LLM-Integrated Frameworks

LLM4Shell: Discovering and Exploiting RCE Vulnerabilities in Real-World LLM-Integrated Frameworks and Apps

In the rapidly evolving landscape of Large Language Models (LLMs), their integration into applications is becoming increasingly common. However, this integration, often facilitated by frameworks such as LangChain and LlamaIndex, poses significant security risks. Specifically, the code execution features of these frameworks can inadvertently introduce Remote Code Execution (RCE) vulnerabilities. We call this class of vulnerabilities LLM4Shell.

In this talk, we delve into the underlying causes of RCE vulnerabilities within LLM-Integrated frameworks, revealing a startling landscape of security lapses. Our systematic investigation has uncovered 15 critical vulnerabilities across 8 popular frameworks, with 13 confirmed by their developers. Notably, we also obtained 9 CVE IDs, and 5 boast a high CVSS score of 9.8, underlining their severity. Our exploration doesn't stop at framework vulnerabilities. We extend our analysis to 51 LLM-Integrated applications, successfully exploiting 17, including 16 with RCE vulnerabilities and one susceptible to SQL injection. The presentation will detail our automated prompt-based exploitation method and its real-world applicability, highlighting the ease with which attackers can leverage these vulnerabilities for malicious purposes. From stealing sensitive data like OpenAI API keys to launching DoS and phishing attacks, the potential for harm is immense. Lastly, this session is not just about exposing vulnerabilities; it's also about fortification. We will share actionable insights and potential mitigations to help developers secure their LLM-Integrated frameworks and applications against these emerging threats.

By:
Tong Liu | Dr., Institute of Information Engineering, CHINESE ACADEMY OF SCIENCES
Yuekang Li | Dr., University Of New South Wales
Zizhuang Deng | Dr., Institute of Information Engineering, CHINESE ACADEMY OF SCIENCES
Guozhu Meng | Associate professor, Institute of Information Engineering, CHINESE ACADEMY OF SCIENCES
Kai Chen | Professor, Institute of Information Engineering, CHINESE ACADEMY OF SCIENCES

Full Abstract & Presentation Materials: