At Pwn2Own Berlin 2025, AI systems made their debut as official competition targets. This talk documents our successful exploitation of real-world AI infrastructure in that context focusing on vulnerabilities we discovered and demonstrated in Ollama and NVIDIA Triton Inference Server.
We detail our security research methodology, which included threat modeling, file format fuzzing, and plugin analysis. In Ollama, we discovered multiple bugs before and during the competition, including an authentication bypass (CVE issued) and a heap overflow found via fuzzing—although it was patched three weeks before the event. In Triton Server, we uncovered a command injection vulnerability in its model configuration pipeline, leading to reliable remote code execution.
We'll also briefly explore other AI targets such as RedisAI, ChromaDB, and NVIDIA's container runtime, including insight into a potential stack overflow rediscovery via fuzzing.
This session blends concrete technical details with broader insight, sharing actionable takeaways for red teamers and defenders working with inference systems. Attendees will leave with a solid understanding of how to audit, attack, and better defend AI model infrastructure.
By:
Patrick Ventuzelo | CEO & Founder, Fuzzinglabs
Nabih Benazzouz | COO, Fuzzinglabs
https://ift.tt/aPmKAZ3
source https://www.youtube.com/watch?v=Qy1Uu5Wdkg8
Subscribe to:
Post Comments (Atom)
-
Unmasking State-Sponsored Mobile Surveillance Malware from Russia, China, and North Korea – Threat Actors, Tactics, and Defense Strategies S...
-
WeChat, with over 1.2 billion monthly active users, stands as the most popular messaging and social media platform in China and third global...
No comments:
Post a Comment