Full Report
The flaw in Lightning.AI’s platform, which has been patched, would have given root access to an attacker and broad control over a victim’s cloud-based studio and connected systems. The post Vulnerability in popular AI developer could ‘shut down essentially everything you own’ appeared first on CyberScoop.
Analysis Summary
# Vulnerability: Remote Code Execution via Hidden Parameter in Lightning.AI Platform
## CVE Details
- CVE ID: Not formally requested (As per the article)
- CVSS Score: 9.4 (Critical - based on the described impact of RCE/Root Access)
- CWE: Not specified, but implies improper input validation/Injection
## Affected Systems
- Products: Lightning.AI development platform (formerly Grid.AI)
- Versions: All versions prior to the patch implemented on October 25, 2024.
- Configurations: Users utilizing the cloud-based studio environment.
## Vulnerability Description
A critical vulnerability existed within the Javascript code used by Lightning.AI's development platform. Researchers discovered a hidden, manipulable parameter named **"command"** within the URL structure of the Javascript code. By crafting malicious phishing links that place this "command" parameter in the correct location, an attacker could achieve Remote Code Execution (RCE) with **root access** and the highest possible privileges on the victim's cloud studio. This grants broad control over the studio, the ability to execute arbitrary code, exfiltrate sensitive data (including AWS cloud metadata/tokens), and manipulate connected systems.
## Exploitation
- Status: PoC available (Researchers demonstrated feasibility via phishing links)
- Complexity: Low (Easily achieved by manipulating the URL parameter)
- Attack Vector: Network (via phishing link delivery leading to code execution in the browser/session)
## Impact
- Confidentiality: High (Access to all secrets, AWS account tokens, user information)
- Integrity: High (Ability to create, modify, or delete files; execute arbitrary code)
- Availability: High (Potential to "shut down essentially everything you own")
## Remediation
### Patches
- A patch was developed and implemented by Lightning.AI on **October 25, 2024**. (Specific version not detailed, users should ensure they are on the latest release post-Oct 25, 2024.)
### Workarounds
- Lightning.AI implemented additional security measures beyond patching, including:
- Strengthened input validation.
- Tightened access controls.
- Reinforced internal security protocols.
## Detection
- Detection would involve monitoring for unusual network requests or command executions originating from user sessions within the Lightning.AI cloud studio environment, specifically focusing on URL structures containing manipulated internal parameters.
- Indicator of Compromise (IOC): Successful exploitation is indicated by unauthorized AWS metadata access or execution of arbitrary shell commands within the victim's cloud session.
## References
- Vendor advisory/discovery details are referenced in the Noma security report: hxxps://noma.security/noma-research-discovers-rce-vulnerability-in-ai-development-platform-lightning-ai/
- Vendor response via CyberScoop: hxxps://www.cyberscoop.com/lightningai-vulnerability-noma-cloud-phishing/