Researchers recommend removing the popular browser extension immediately.
Synopsys discovered a zero-day vulnerability in EmailGPT, a popular extension for Google Chrome that uses artificial intelligence to write emails.
A "Prompt Injection" vulnerability with the identifier CVE-2024-5184 allows attackers to manipulate the service and gain access to confidential information.
EmailGPT uses public AI models from OpenAI to help users compose emails in the Gmail service. Users receive AI hints for writing emails, providing the service with source data and context. However, a recent discovery revealed a serious flaw in the extension's operation.
EmailGPT uses an API service that allows attackers to inject third-party promts and manage the service's logic. This can lead to leaking system prompts or executing unwanted commands.
For example, an attacker can create a prompta that embeds unwanted functionality, which can lead to:
Rated 6.5 on the CVSS scale, this vulnerability can also lead to intellectual property leaks, denial of service, and financial losses.
Synopsys reports that their researchers contacted the developers of EmailGPT before publishing details, but did not receive a response. Synopsys recommends that you immediately remove EmailGPT from your browser, because there are no ways to mitigate the impact of the vulnerability yet.
Patrick Harr, CEO of SlashNext Email Security, noted the importance of strict management and implementation of additional security measures for AI models to prevent the emergence of vulnerabilities and their subsequent exploitation.
Harr also added that companies planning to integrate AI into their business processes should require AI model vendors to provide real proof of their security.
Synopsys discovered a zero-day vulnerability in EmailGPT, a popular extension for Google Chrome that uses artificial intelligence to write emails.
A "Prompt Injection" vulnerability with the identifier CVE-2024-5184 allows attackers to manipulate the service and gain access to confidential information.
EmailGPT uses public AI models from OpenAI to help users compose emails in the Gmail service. Users receive AI hints for writing emails, providing the service with source data and context. However, a recent discovery revealed a serious flaw in the extension's operation.
EmailGPT uses an API service that allows attackers to inject third-party promts and manage the service's logic. This can lead to leaking system prompts or executing unwanted commands.
For example, an attacker can create a prompta that embeds unwanted functionality, which can lead to:
- data extraction;
- spam campaigns using hacked accounts;
- creating misleading content for mailing lists;
Rated 6.5 on the CVSS scale, this vulnerability can also lead to intellectual property leaks, denial of service, and financial losses.
Synopsys reports that their researchers contacted the developers of EmailGPT before publishing details, but did not receive a response. Synopsys recommends that you immediately remove EmailGPT from your browser, because there are no ways to mitigate the impact of the vulnerability yet.
Patrick Harr, CEO of SlashNext Email Security, noted the importance of strict management and implementation of additional security measures for AI models to prevent the emergence of vulnerabilities and their subsequent exploitation.
Harr also added that companies planning to integrate AI into their business processes should require AI model vendors to provide real proof of their security.
