
Key Alert:
A Server-Side Request Forgery (SSRF) vulnerability, identified as CVE-2024-27564, previously discovered in ChatGPT’s infrastructure, has recently been seen in attacks on the healthcare industry. This flaw allows attackers to inject malicious URLs, compelling the application to make arbitrary requests. Cyber threat actors have exploited this vulnerability, launching over 10,000 attacks globally, with healthcare organizations among the primary targets.
Threat Overview:
CVE-2024-27564 is an SSRF vulnerability located in the pictureproxy.php
component of ChatGPT’s codebase and does not require authentication to be exploited. By injecting crafted URLs into the url
parameter, attackers can manipulate the application to initiate unauthorized requests, leading to unauthorized data access, internal network scanning, local file inclusion, and further infiltration into sensitive systems.
Key aspects include:
- Attack Vector: Remote exploitation through crafted URL injection into ChatGPT’s
pictureproxy.php
. - Targeted Systems: ChatGPT implementations within healthcare environments, particularly those integrated into clinical workflows and data management systems.
- Notable Characteristics: Active exploitation in the wild, with over 10,000 attack attempts observed globally, affecting financial institutions, healthcare, and government organizations.
Current Threat Landscape:
Although CVE-2024-27564 was initially identified in 2024, no known patch exists as of this post, and recent threat intelligence confirms that cyber adversaries continue to exploit ChatGPT implementations in healthcare environments. This ongoing activity underscores threat actors’ persistence and resourcefulness, capitalizing on legacy vulnerabilities and outdated deployments. This threat underscores the urgent need for healthcare organizations to reexamine their security measures and deploy compensating controls while awaiting an official fix.
Healthcare Impacts:
- Data Breaches: Unauthorized access to Protected Health Information (PHI) could result in significant privacy violations and HIPAA non-compliance.
- Operational Disruptions: Exploitation may lead to system downtimes, affecting critical healthcare services such as Electronic Health Records (EHR) systems and telemedicine platforms.
- Financial and Reputational Damage: Breaches can lead to substantial financial penalties and erosion of patient trust.
Exploitation Method:
Attackers exploit this vulnerability by injecting malicious URLs into the url
parameter of the pictureproxy.php
script in ChatGPT. This SSRF flaw forces the application to make arbitrary requests, potentially accessing internal resources and sensitive data.
Affected Products and Versions:
- ChatGPT Implementations: All versions utilizing the vulnerable
pictureproxy.php
component.
Indicators of Compromise (IoCs):
- Unusual Outbound Requests: Unexpected external requests originating from internal systems.
- Anomalous Application Behavior: Irregularities in application performance or unexpected data access patterns.
- Unauthorized Network Scans: Detection of internal network scanning activities initiated from compromised systems.
Known IPv4 Addresses
31[.]56[.]56[.]156
38[.]60[.]191[.]7
94[.]156[.]177[.]106
159[.]192[.]123[.]190
119[.]82[.]255[.]34
103[.]251[.]223[.]127
104[.]143[.]229[.]115
114[.]10[.]44[.]40
116[.]212[.]150[.]192
145[.]223[.]59[.]188
167[.]100[.]106[.]99
174[.]138[.]27[.]119
212[.]237[.]124[.]38
216[.]158[.]205[.]221
Tactics, Techniques, and Procedures (TTPs):
Tactics | Techniques |
---|---|
Initial Access | External Remote Services (T1133) |
Discovery | File and Directory Discovery (T1083) |
Execution | Command and Scripting Interpreter (T1059) |
Exfiltration | Exfiltration Over Alternative Protocol (T1048) |
Recommendations for Healthcare Organizations:
Immediate Actions:
- Disable or Limit the Vulnerable Component: If possible, temporarily disable the
pictureproxy.php
functionality or restrict its use to minimize exposure until a patch is available. - Restrict Network Access: Enforce strict network segmentation and limit external access to the ChatGPT implementation, reducing the potential attack surface.
- Deploy Web Application Firewalls (WAF): Implement WAF rules to block malicious URL injections targeting vulnerable parameters.
- Enhance Monitoring and Logging: Upgrade logging configurations and monitor for abnormal outbound requests, internal file access attempts, and indicators of SSRF exploitation or local file inclusion.
- Implement Compensating Controls: Apply temporary measures such as input validation improvements, rate limiting, and strict access controls to mitigate the risk while awaiting an official patch.
Long-Term Defense:
- Regular System Updates: To minimize exploitable vulnerabilities, maintain a disciplined patch management cycle across all systems, including AI-powered applications.
- Prioritize AI-Related Security Gaps in Risk Assessments: Revise your risk assessment frameworks to include AI-driven systems and integrations explicitly. This involves identifying vulnerabilities unique to AI and machine learning components, regularly evaluating their security posture, and ensuring that emerging AI-specific threats are factored into your strategic defense planning.
- Segmentation and Isolation: Limit the exposure of vulnerable AI-driven systems by isolating them from critical network segments. This minimizes the potential for lateral movement and reduces the risk of a broader compromise.
- Incident Response Planning: Develop and regularly test incident response plans to address potential security breaches effectively.
Leadership Guidance:
Healthcare leaders should prioritize the immediate assessment and mitigation of this vulnerability to protect patient data and ensure the continuity of healthcare services. Investing in robust security measures and fostering a culture of cybersecurity awareness are essential steps in safeguarding organizational assets.
Blackwell Security MHXDR Customers:
Blackwell Security provides continuous monitoring and threat intelligence to help identify potential exploitation of vulnerabilities like CVE-2024-27564. While we do not perform remediation activities, we offer guidance and recommendations to assist your organization’s security teams in effectively addressing such threats.
References:
- NVD – CVE-2024-27564
- AHA News: Cyberthreat actors using ChatGPT exploit to attack health care, other industries
- SecurityWeek: ChatGPT Vulnerability Exploited Against US Government Organizations
- Veriti Research: CVE-2024-27564 Actively Exploited in the Wild
- GitHub Issue: SSRF vulnerability in
pictureproxy.php
File