Copilot’s Weakness, DeepSeek Data exposed, Backdoor in Contec CMS8000 & Apple's Zero-Day

Notable security news for the week of Jan 26th-1st Feb 2025, brought to you by the F5 Security Incident Response Team. This week, your editor is Dharminder. In this edition, I have security news about weaknesses in GitHub’s Copilot, where the single word “Sure” can drastically change its response, and much more. Wiz Research found that DeepSeek’s database, which could be accessed without a password, had over a million log entries. These entries include chat history, API keys, backend details, and operational metadata. The FDA warned about a backdoor, and some other weaknesses were found in the Contec CMS8000 patient monitor. A fix has been released for a zero-day vulnerability in Apple operating systems that was exploited in the wild.

We at F5 SIRT invest a lot of time to understand the frequently changing behavior of bad actors. Bad actors are a threat to your business, your reputation, your livelihood. That’s why we take the security of your business seriously. When you’re under attack, we’ll work quickly to effectively mitigate attacks and vulnerabilities, and get you back up and running. So the next time you have a security emergency, please contact F5 SIRT.

Ok, let’s get started and see the details of the security news.

 

GitHub Copilot weakness - "Sure"

Apex Security identified two critical vulnerabilities in GitHub Copilot, exposing weaknesses in AI security. The first, an “affirmation jailbreak,” allows attackers to bypass ethical safeguards by starting prompts with "Sure." This small change leads Copilot to generate instructions for unethical tasks like SQL injection and fake Wi-Fi setups. Normally, Copilot rejects such requests, but the added word alters its response behavior, highlighting AI’s susceptibility to contextual influence.

The second exploit involves modifying Copilot’s proxy settings to intercept authentication tokens. By rerouting traffic through a custom proxy, researchers gained unrestricted access to OpenAI models, bypassing security controls and subscription fees. This loophole allows unauthorized API requests, raising concerns over financial, security, and ethical implications. Free access to enterprise-grade AI resources could lead to financial losses, while unregulated model usage increases the risk of generating harmful content.

GitHub dismissed the findings as “informative,” arguing that an active Copilot license is required to exploit them. However, Apex urged stronger safeguards, including stricter proxy validation and improved ethical filters. As AI-driven coding tools become mainstream, robust security measures are crucial to preventing exploitation. These vulnerabilities highlight the ongoing challenge of balancing AI innovation with responsible implementation.

https://www.apexhq.ai/blog/blog/2025-github-copilot-vulnerabilities-technical-overview/?utm_source=tldrinfosec

https://gbhackers.com/github-copilot-vulnerability-exploited/#:~:text=A%20Single%20Word%20Unlocks%20Copilot's,to%20bypass%20its%20ethical%20filters

https://www.darkreading.com/vulnerabilities-threats/new-jailbreaks-manipulate-github-copilot

 

DeepSeek - Sensitive Data exposed

Wiz Research discovered an exposed ClickHouse database belonging to DeepSeek, a Chinese AI startup known for its DeepSeek-R1 model. The database, accessible without authentication, contained over a million log entries, including chat history, API keys, backend details, and operational metadata. Researchers found the exposure while scanning DeepSeek’s public domains and detected open ports (8123 and 9000) leading to unrestricted database access. Using ClickHouse’s SQL interface, they confirmed the presence of sensitive data, highlighting a critical security flaw. This exposure posed risks of unauthorized access, data exfiltration, and privilege escalation. While DeepSeek quickly secured the database after disclosure, the incident underscores the broader risks of AI infrastructure security. As AI adoption accelerates, companies must prioritize protecting sensitive data, implementing strict access controls, and working closely with security teams to prevent misconfigurations. The fast growth of AI tools without security frameworks makes systems vulnerable. Strong security measures are needed to protect AI-driven operations.

https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak?utm_source=tldrinfosec

https://www.bleepingcomputer.com/news/security/deepseek-exposes-database-with-over-1-million-chat-records/
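
A defensive check for the misconfiguration behind the DeepSeek exposure above, as an added example (not from Wiz, DeepSeek or the original post): it audits a ClickHouse server config and users config for a listener on all interfaces combined with a passwordless user. The sample XML is constructed, the function names are hypothetical, and it assumes the whole configuration is in the two strings passed in (no override files).

```python
import xml.etree.ElementTree as ET

# Constructed sample configs (not DeepSeek's). The first pair mirrors the
# exposure described above; the second pair is a hardened variant.
EXPOSED_SERVER = ("<clickhouse><listen_host>0.0.0.0</listen_host>"
                  "<http_port>8123</http_port><tcp_port>9000</tcp_port></clickhouse>")
EXPOSED_USERS = """<clickhouse><users><default>
  <password></password>
  <networks><ip>::/0</ip></networks>
</default></users></clickhouse>"""
HARDENED_SERVER = ("<clickhouse><listen_host>127.0.0.1</listen_host>"
                   "<http_port>8123</http_port></clickhouse>")
HARDENED_USERS = """<clickhouse><users><default>
  <password_sha256_hex>PLACEHOLDER_SHA256_HEX</password_sha256_hex>
  <networks><ip>10.0.0.0/8</ip></networks>
</default></users></clickhouse>"""

ANY_ADDR = {"0.0.0.0", "::", "0.0.0.0/0", "::/0"}
PASSWORD_TAGS = ("password", "password_sha256_hex", "password_double_sha1_hex")


def user_requires_auth(user):
    """True if the user entry carries a non-empty password or external auth."""
    if user.find("ldap") is not None or user.find("kerberos") is not None:
        return True
    return any((user.findtext(tag) or "").strip() for tag in PASSWORD_TAGS)


def audit(server_xml, users_xml):
    """Return findings for one server config and one users config."""
    findings = []
    server = ET.fromstring(server_xml)
    # Assumption: with no <listen_host> the server binds to localhost only.
    hosts = [(h.text or "").strip() for h in server.iter("listen_host")]
    exposed = any(h in ANY_ADDR for h in hosts)
    if exposed:
        ports = [server.findtext(p) for p in ("http_port", "tcp_port") if server.findtext(p)]
        findings.append("listens on all interfaces, ports: " + ",".join(ports))
    users = ET.fromstring(users_xml).find("users")
    for user in (users if users is not None else []):
        if user_requires_auth(user):
            continue
        findings.append(f"user '{user.tag}' has no credential")
        open_net = any((ip.text or "").strip() in ANY_ADDR for ip in user.iter("ip"))
        if exposed and open_net:
            findings.append(f"CRITICAL: user '{user.tag}' needs no password from any address")
    return findings
```
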

 

Flaws in Contec CMS8000 (Patient Monitors) Pose Risks to Healthcare Devices and Data.

The FDA warns that cybersecurity vulnerabilities in Contec CMS8000 and Epsimed MN-120 patient monitors could put patients at risk when connected to the internet. Three key threats include unauthorized remote control, compromised software with a backdoor, and patient data exfiltration. These vulnerabilities can allow attackers to disable, manipulate, or control the devices, affecting all connected monitors on the same network. The FDA notes that these devices were only authorized for wired connectivity, yet some versions include unauthorized wireless capabilities. The Cybersecurity and Infrastructure Security Agency (CISA) discovered that once online, the monitors collect and transmit patient data, including personally identifiable and health information, to an external source. No known incidents, injuries, or deaths have been reported, but the FDA advises caution. Patients should confirm whether their devices use remote monitoring and, if so, disconnect and seek alternatives. If remote monitoring is unnecessary, all network connections should be disabled. Healthcare providers and facility staff should inspect devices for anomalies, follow CISA recommendations, and report any issues to the FDA. There is currently no software patch available. The FDA and CISA are working with Contec to address the vulnerabilities and will provide updates as needed. Devices can be identified through their unique device identifier (UDI). The FDA continues to monitor the situation to protect patient safety.

https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication

https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/

https://thehackernews.com/2025/01/cisa-and-fda-warn-of-critical-backdoor.html

 

Apple Zero-Day - CVE-2025-24085

Apple has released updates to address multiple security vulnerabilities, including a zero-day flaw (CVE-2025-24085) that has been exploited in the wild. The flaw, in the Core Media component, could let a malicious app elevate its privileges on devices running iOS, iPadOS, and macOS versions before iOS 17.2. The issue has been resolved with improved memory management in several Apple devices, including iPhones, iPads, Macs, Apple TV, and Apple Watch. Additionally, five AirPlay security flaws were patched, which could have caused system crashes, a denial-of-service (DoS), or arbitrary code execution. Google’s Threat Analysis Group reported three vulnerabilities in CoreAudio, which could lead to unexpected app terminations. Apple has not provided details on the exploitation methods or the attackers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-24085 to its list of known exploited vulnerabilities. The agency is asking federal agencies to fix the problem by February 19, 2025.

 

https://thehackernews.com/2025/01/apple-patches-actively-exploited-zero.html

https://www.techtarget.com/searchsecurity/news/366618572/Apple-zero-day-vulnerability-under-attack-on-iOS-devices

Published Feb 04, 2025
Version 1.0