‘Thousands’ of businesses at mercy of miscreants thanks to unpatched Ray AI flaw

March 27, 2024 at 04:43PM

Thousands of companies are at risk from a critical remote-code-execution bug, named ShadowRay (CVE-2023-48022), in the Ray open-source AI framework. It has been actively exploited for seven months, exposing sensitive data and enabling cryptocurrency mining. Fixes for other Ray flaws are available, but this vulnerability remains unpatched and has led to significant breaches and data leaks.

Key takeaways from the article:

– There is a critical remote-code-execution vulnerability in the Ray open-source AI framework, tracked as CVE-2023-48022, with a severity rating of 9.8 out of 10.
– The vulnerability is being actively exploited, leading to data theft, ransomware, and unauthorized access to cloud environments in AWS, Google, and Microsoft Azure.
– Compromised deployments often run with root privileges, giving attackers access to the entire cloud environment and other services.
– Attackers are also abusing hijacked clusters for cryptocurrency mining.
– Anyscale is working on a script to help users verify their configurations and avoid accidental exposure, and has notified its customers of the vulnerability.

