www.synopsys.com
Open in
urlscan Pro
2a02:26f0:1700:1ab::afd
Public Scan
URL:
https://www.synopsys.com/blogs/software-security/cyrc-advisory-prompt-injection-emailgpt.html
Submission: On June 07 via api from TR — Scanned from DE
Submission: On June 07 via api from TR — Scanned from DE
Form analysis 2 forms found in the DOM
<form id="mktoForm_1028" novalidate="novalidate" class="mktoForm mktoHasWidth mktoLayoutAbove" style="font-family: Helvetica, Arial, sans-serif; font-size: 14px; color: rgb(51, 51, 51); width: 351px;">
<style type="text/css">
.mktoForm .mktoButtonWrap.mktoSimple .mktoButton {
color: #fff;
border: 1px solid #75ae4c;
padding: 0.4em 1em;
font-size: 1em;
background-color: #99c47c;
background-image: -webkit-gradient(linear, left top, left bottom, from(#99c47c), to(#75ae4c));
background-image: -webkit-linear-gradient(top, #99c47c, #75ae4c);
background-image: -moz-linear-gradient(top, #99c47c, #75ae4c);
background-image: linear-gradient(to bottom, #99c47c, #75ae4c);
}
.mktoForm .mktoButtonWrap.mktoSimple .mktoButton:hover {
border: 1px solid #447f19;
}
.mktoForm .mktoButtonWrap.mktoSimple .mktoButton:focus {
outline: none;
border: 1px solid #447f19;
}
.mktoForm .mktoButtonWrap.mktoSimple .mktoButton:active {
background-color: #75ae4c;
background-image: -webkit-gradient(linear, left top, left bottom, from(#75ae4c), to(#99c47c));
background-image: -webkit-linear-gradient(top, #75ae4c, #99c47c);
background-image: -moz-linear-gradient(top, #75ae4c, #99c47c);
background-image: linear-gradient(to bottom, #75ae4c, #99c47c);
}
</style>
<div class="mktoFormRow">
<div class="mktoFormCol" style="margin-bottom: 10px;">
<div class="mktoOffset mktoHasWidth" style="width: 10px;"></div>
<div class="mktoFieldWrap">
<div class="mktoHtmlText mktoHasWidth" style="width: 260px;">Required Fields <span style="color: #cc0000;"><strong>*</strong></span></div>
<div class="mktoClear"></div>
</div>
<div class="mktoClear"></div>
</div>
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow">
<div class="mktoFieldDescriptor mktoFormCol" style="margin-bottom: 10px;">
<div class="mktoOffset" style="width: 10px;"></div>
<div class="mktoFieldWrap mktoRequiredField"><label for="Email" id="LblEmail" class="mktoLabel mktoHasWidth" style="width: 100px;">
<div class="mktoAsterix">*</div>Email Address:
</label>
<div class="mktoGutter mktoHasWidth" style="width: 10px;"></div><input id="Email" name="Email" maxlength="255" aria-labelledby="LblEmail InstructEmail" type="email" class="mktoField mktoEmailField mktoHasWidth mktoRequired"
aria-required="true" style="width: 150px;"><span id="InstructEmail" tabindex="-1" class="mktoInstruction"></span>
<div class="mktoClear"></div>
</div>
<div class="mktoClear"></div>
</div>
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow">
<div class="mktoFieldDescriptor mktoFormCol" style="margin-bottom: 10px;">
<div class="mktoOffset" style="width: 10px;"></div>
<div class="mktoFieldWrap mktoRequiredField"><label for="Country" id="LblCountry" class="mktoLabel mktoHasWidth" style="width: 100px;">
<div class="mktoAsterix">*</div>Country:
</label>
<div class="mktoGutter mktoHasWidth" style="width: 10px;"></div><select id="Country" name="Country" aria-labelledby="LblCountry InstructCountry" class="mktoField mktoHasWidth mktoRequired" aria-required="true" style="width: 150px;">
<option value="">Select...</option>
<option value="Afghanistan">Afghanistan</option>
<option value="Aland Islands">Aland Islands</option>
<option value="Albania">Albania</option>
<option value="Algeria">Algeria</option>
<option value="Andorra">Andorra</option>
<option value="Angola">Angola</option>
<option value="Anguilla">Anguilla</option>
<option value="Antarctica">Antarctica</option>
<option value="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="Argentina">Argentina</option>
<option value="Armenia">Armenia</option>
<option value="Aruba">Aruba</option>
<option value="Australia">Australia</option>
<option value="Austria">Austria</option>
<option value="Azerbaijan">Azerbaijan</option>
<option value="Bahamas">Bahamas</option>
<option value="Bahrain">Bahrain</option>
<option value="Bangladesh">Bangladesh</option>
<option value="Barbados">Barbados</option>
<option value="Belarus">Belarus</option>
<option value="Belgium">Belgium</option>
<option value="Belize">Belize</option>
<option value="Benin">Benin</option>
<option value="Bermuda">Bermuda</option>
<option value="Bhutan">Bhutan</option>
<option value="Bolivia, Plurinational State of">Bolivia, Plurinational State of</option>
<option value="Bonaire, Sint Eustatius and Saba">Bonaire, Sint Eustatius and Saba</option>
<option value="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="Botswana">Botswana</option>
<option value="Bouvet Island">Bouvet Island</option>
<option value="Brazil">Brazil</option>
<option value="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="Brunei Darussalam">Brunei Darussalam</option>
<option value="Bulgaria">Bulgaria</option>
<option value="Burkina Faso">Burkina Faso</option>
<option value="Burundi">Burundi</option>
<option value="Cambodia">Cambodia</option>
<option value="Cameroon">Cameroon</option>
<option value="Canada">Canada</option>
<option value="Cape Verde">Cape Verde</option>
<option value="Cayman Islands">Cayman Islands</option>
<option value="Central African Republic">Central African Republic</option>
<option value="Chad">Chad</option>
<option value="Chile">Chile</option>
<option value="China">China</option>
<option value="Christmas Island">Christmas Island</option>
<option value="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="Colombia">Colombia</option>
<option value="Comoros">Comoros</option>
<option value="Congo">Congo</option>
<option value="Congo, the Democratic Republic of the">Congo, the Democratic Republic of the</option>
<option value="Cook Islands">Cook Islands</option>
<option value="Costa Rica">Costa Rica</option>
<option value="Cote d'Ivoire">Cote d'Ivoire</option>
<option value="Croatia">Croatia</option>
<option value="Cuba">Cuba</option>
<option value="Curaçao">Curaçao</option>
<option value="Cyprus">Cyprus</option>
<option value="Czech Republic">Czech Republic</option>
<option value="Denmark">Denmark</option>
<option value="Djibouti">Djibouti</option>
<option value="Dominica">Dominica</option>
<option value="Dominican Republic">Dominican Republic</option>
<option value="Ecuador">Ecuador</option>
<option value="Egypt">Egypt</option>
<option value="El Salvador">El Salvador</option>
<option value="Equatorial Guinea">Equatorial Guinea</option>
<option value="Eritrea">Eritrea</option>
<option value="Estonia">Estonia</option>
<option value="Ethiopia">Ethiopia</option>
<option value="Falkland Islands (Malvinas)">Falkland Islands (Malvinas)</option>
<option value="Faroe Islands">Faroe Islands</option>
<option value="Fiji">Fiji</option>
<option value="Finland">Finland</option>
<option value="France">France</option>
<option value="French Guiana">French Guiana</option>
<option value="French Polynesia">French Polynesia</option>
<option value="French Southern Territories">French Southern Territories</option>
<option value="Gabon">Gabon</option>
<option value="Gambia">Gambia</option>
<option value="Georgia">Georgia</option>
<option value="Germany">Germany</option>
<option value="Ghana">Ghana</option>
<option value="Gibraltar">Gibraltar</option>
<option value="Greece">Greece</option>
<option value="Greenland">Greenland</option>
<option value="Grenada">Grenada</option>
<option value="Guadeloupe">Guadeloupe</option>
<option value="Guatemala">Guatemala</option>
<option value="Guernsey">Guernsey</option>
<option value="Guinea">Guinea</option>
<option value="Guinea-Bissau">Guinea-Bissau</option>
<option value="Guyana">Guyana</option>
<option value="Haiti">Haiti</option>
<option value="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="Holy See (Vatican City State)">Holy See (Vatican City State)</option>
<option value="Honduras">Honduras</option>
<option value="Hong Kong">Hong Kong</option>
<option value="Hungary">Hungary</option>
<option value="Iceland">Iceland</option>
<option value="India">India</option>
<option value="Indonesia">Indonesia</option>
<option value="Iran, Islamic Republic of">Iran, Islamic Republic of</option>
<option value="Iraq">Iraq</option>
<option value="Ireland">Ireland</option>
<option value="Isle of Man">Isle of Man</option>
<option value="Israel">Israel</option>
<option value="Italy">Italy</option>
<option value="Jamaica">Jamaica</option>
<option value="Japan">Japan</option>
<option value="Jersey">Jersey</option>
<option value="Jordan">Jordan</option>
<option value="Kazakhstan">Kazakhstan</option>
<option value="Kenya">Kenya</option>
<option value="Kiribati">Kiribati</option>
<option value="Korea, Democratic People's Republic of">Korea, Democratic People's Republic of</option>
<option value="Korea, Republic of">Korea, Republic of</option>
<option value="Kuwait">Kuwait</option>
<option value="Kyrgyzstan">Kyrgyzstan</option>
<option value="Lao People's Democratic Republic">Lao People's Democratic Republic</option>
<option value="Latvia">Latvia</option>
<option value="Lebanon">Lebanon</option>
<option value="Lesotho">Lesotho</option>
<option value="Liberia">Liberia</option>
<option value="Libya">Libya</option>
<option value="Liechtenstein">Liechtenstein</option>
<option value="Lithuania">Lithuania</option>
<option value="Luxembourg">Luxembourg</option>
<option value="Macao">Macao</option>
<option value="Macedonia, the former Yugoslav Republic of">Macedonia, the former Yugoslav Republic of</option>
<option value="Madagascar">Madagascar</option>
<option value="Malawi">Malawi</option>
<option value="Malaysia">Malaysia</option>
<option value="Maldives">Maldives</option>
<option value="Mali">Mali</option>
<option value="Malta">Malta</option>
<option value="Marshall Islands">Marshall Islands</option>
<option value="Martinique">Martinique</option>
<option value="Mauritania">Mauritania</option>
<option value="Mauritius">Mauritius</option>
<option value="Mayotte">Mayotte</option>
<option value="Mexico">Mexico</option>
<option value="Moldova, Republic of">Moldova, Republic of</option>
<option value="Monaco">Monaco</option>
<option value="Mongolia">Mongolia</option>
<option value="Montenegro">Montenegro</option>
<option value="Montserrat">Montserrat</option>
<option value="Morocco">Morocco</option>
<option value="Mozambique">Mozambique</option>
<option value="Myanmar">Myanmar</option>
<option value="Namibia">Namibia</option>
<option value="Nauru">Nauru</option>
<option value="Nepal">Nepal</option>
<option value="Netherland Antilles">Netherland Antilles</option>
<option value="Netherlands">Netherlands</option>
<option value="New Caledonia">New Caledonia</option>
<option value="New Zealand">New Zealand</option>
<option value="Nicaragua">Nicaragua</option>
<option value="Niger">Niger</option>
<option value="Nigeria">Nigeria</option>
<option value="Niue">Niue</option>
<option value="Norfolk Island">Norfolk Island</option>
<option value="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="Norway">Norway</option>
<option value="Oman">Oman</option>
<option value="Pakistan">Pakistan</option>
<option value="Palestine">Palestine</option>
<option value="Panama">Panama</option>
<option value="Papua New Guinea">Papua New Guinea</option>
<option value="Paraguay">Paraguay</option>
<option value="Peru">Peru</option>
<option value="Philippines">Philippines</option>
<option value="Pitcairn">Pitcairn</option>
<option value="Poland">Poland</option>
<option value="Portugal">Portugal</option>
<option value="Puerto Rico">Puerto Rico</option>
<option value="Qatar">Qatar</option>
<option value="Reunion">Reunion</option>
<option value="Romania">Romania</option>
<option value="Russian Federation">Russian Federation</option>
<option value="Rwanda">Rwanda</option>
<option value="Saint Barthélemy">Saint Barthélemy</option>
<option value="Saint Helena, Ascension and Tristan da Cunha">Saint Helena, Ascension and Tristan da Cunha</option>
<option value="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="Saint Lucia">Saint Lucia</option>
<option value="Saint Martin (French part)">Saint Martin (French part)</option>
<option value="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="Samoa">Samoa</option>
<option value="San Marino">San Marino</option>
<option value="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="Saudi Arabia">Saudi Arabia</option>
<option value="Senegal">Senegal</option>
<option value="Serbia">Serbia</option>
<option value="Seychelles">Seychelles</option>
<option value="Sierra Leone">Sierra Leone</option>
<option value="Singapore">Singapore</option>
<option value="Sint Maarten (Dutch part)">Sint Maarten (Dutch part)</option>
<option value="Slovakia">Slovakia</option>
<option value="Slovenia">Slovenia</option>
<option value="Solomon Islands">Solomon Islands</option>
<option value="Somalia">Somalia</option>
<option value="South Africa">South Africa</option>
<option value="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="South Sudan">South Sudan</option>
<option value="Spain">Spain</option>
<option value="Sri Lanka">Sri Lanka</option>
<option value="Sudan">Sudan</option>
<option value="Suriname">Suriname</option>
<option value="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="Swaziland">Swaziland</option>
<option value="Sweden">Sweden</option>
<option value="Switzerland">Switzerland</option>
<option value="Syrian Arab Republic">Syrian Arab Republic</option>
<option value="Taiwan">Taiwan</option>
<option value="Tajikistan">Tajikistan</option>
<option value="Tanzania, United Republic of">Tanzania, United Republic of</option>
<option value="Thailand">Thailand</option>
<option value="Timor-Leste">Timor-Leste</option>
<option value="Togo">Togo</option>
<option value="Tokelau">Tokelau</option>
<option value="Tonga">Tonga</option>
<option value="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="Tunisia">Tunisia</option>
<option value="Turkey">Turkey</option>
<option value="Turkmenistan">Turkmenistan</option>
<option value="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="Tuvalu">Tuvalu</option>
<option value="Uganda">Uganda</option>
<option value="Ukraine">Ukraine</option>
<option value="United Arab Emirates">United Arab Emirates</option>
<option value="United Kingdom">United Kingdom</option>
<option value="United States">United States</option>
<option value="Uruguay">Uruguay</option>
<option value="Uzbekistan">Uzbekistan</option>
<option value="Vanuatu">Vanuatu</option>
<option value="Venezuela, Bolivarian Republic of">Venezuela, Bolivarian Republic of</option>
<option value="Vietnam">Vietnam</option>
<option value="Virgin Islands, British">Virgin Islands, British</option>
<option value="Wallis and Futuna">Wallis and Futuna</option>
<option value="Western Sahara">Western Sahara</option>
<option value="Yemen">Yemen</option>
<option value="Zambia">Zambia</option>
<option value="Zimbabwe">Zimbabwe</option>
</select><span id="InstructCountry" tabindex="-1" class="mktoInstruction"></span>
<div class="mktoClear"></div>
</div>
<div class="mktoClear"></div>
</div>
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow">
<div class="mktoPlaceholder mktoPlaceholderConsent_Agreement__c"></div>
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="Lead_Source_Most_Recent__c" class="mktoField mktoFieldDescriptor mktoFormCol" value="Website" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="lastCampaignMemberStatus" class="mktoField mktoFieldDescriptor mktoFormCol" value="Filled-Out Form" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="hiddenGCLID" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="Most_Recent_Referring_URL__c" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="utmmedium" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="utmsource" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="utmterm" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="webFormIdentifier" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="Consent_Date__c" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="Consent_Country__c" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="Consent_Version__c" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="Consent_Method__c" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="Consent_Details__c" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="mktotrkcookie" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="eCID" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="queryParameters" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoFormRow"><input type="hidden" name="Last_PDF_CTA__c" class="mktoField mktoFieldDescriptor mktoFormCol" value="" style="margin-bottom: 10px;">
<div class="mktoClear"></div>
</div>
<div class="mktoButtonRow"><span class="mktoButtonWrap mktoSimple" style="margin-left: 0px;"><button type="submit" class="mktoButton">Get Newsletter</button></span></div><input type="hidden" name="formid" class="mktoField mktoFieldDescriptor"
value="1028"><input type="hidden" name="munchkinId" class="mktoField mktoFieldDescriptor" value="846-ESG-342"><input type="hidden" name="hiddenLandingPageURL" class="mktoField mktoFieldDescriptor"
value="https://www.synopsys.com/blogs/software-security/cyrc-advisory-prompt-injection-emailgpt.html"><input type="hidden" name="Last_Campaign_ID__c" class="mktoField mktoFieldDescriptor" value="#"><input type="hidden"
name="Last_Campaign_Name__c" class="mktoField mktoFieldDescriptor" value="#"><input type="hidden" name="autoresponderID" class="mktoField mktoFieldDescriptor" value="#"><input type="hidden" name="Alert_Email__c"
class="mktoField mktoFieldDescriptor" value="#">
</form><form novalidate="novalidate" class="mktoForm mktoHasWidth mktoLayoutAbove"
style="font-family: Helvetica, Arial, sans-serif; font-size: 14px; color: rgb(51, 51, 51); visibility: hidden; position: absolute; top: -500px; left: -1000px; width: 1600px;"></form>Text Content
Application Security
Application Security | Build trust in your software
* Support
* About Us
*
*
* English
* 日本語
close search bar
Sorry, not available in this language yet
close language selection
* English
* 日本語
* Manage Security Risks
* Build Security into DevOps
* Secure the Software Supply Chain
* Security News & Trends
* Contact Sales
* Blogs
* Chip Design
* Optical & Photonic
* Application Security
CYRC VULNERABILITY ADVISORY: CVE-2024-5184S PROMPT INJECTION IN EMAILGPT SERVICE
Synopsys Editorial Team
Jun 05, 2024 / 1 min read
Table of Contents
* Exploitation
* Impact
* Remediation
* Discovery credit
* About CVSS
SUBSCRIBE
Required Fields *
*
Email Address:
*
Country:
Select...AfghanistanAland
IslandsAlbaniaAlgeriaAndorraAngolaAnguillaAntarcticaAntigua and
BarbudaArgentinaArmeniaArubaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBolivia,
Plurinational State ofBonaire, Sint Eustatius and SabaBosnia and
HerzegovinaBotswanaBouvet IslandBrazilBritish Indian Ocean TerritoryBrunei
DarussalamBulgariaBurkina FasoBurundiCambodiaCameroonCanadaCape VerdeCayman
IslandsCentral African RepublicChadChileChinaChristmas IslandCocos (Keeling)
IslandsColombiaComorosCongoCongo, the Democratic Republic of theCook
IslandsCosta RicaCote d'IvoireCroatiaCubaCuraçaoCyprusCzech
RepublicDenmarkDjiboutiDominicaDominican RepublicEcuadorEgyptEl
SalvadorEquatorial GuineaEritreaEstoniaEthiopiaFalkland Islands (Malvinas)Faroe
IslandsFijiFinlandFranceFrench GuianaFrench PolynesiaFrench Southern
TerritoriesGabonGambiaGeorgiaGermanyGhanaGibraltarGreeceGreenlandGrenadaGuadeloupeGuatemalaGuernseyGuineaGuinea-BissauGuyanaHaitiHeard
Island and McDonald IslandsHoly See (Vatican City State)HondurasHong
KongHungaryIcelandIndiaIndonesiaIran, Islamic Republic ofIraqIrelandIsle of
ManIsraelItalyJamaicaJapanJerseyJordanKazakhstanKenyaKiribatiKorea, Democratic
People's Republic ofKorea, Republic ofKuwaitKyrgyzstanLao People's Democratic
RepublicLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacaoMacedonia,
the former Yugoslav Republic ofMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall
IslandsMartiniqueMauritaniaMauritiusMayotteMexicoMoldova, Republic
ofMonacoMongoliaMontenegroMontserratMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherland
AntillesNetherlandsNew CaledoniaNew ZealandNicaraguaNigerNigeriaNiueNorfolk
IslandNorthern Mariana IslandsNorwayOmanPakistanPalestinePanamaPapua New
GuineaParaguayPeruPhilippinesPitcairnPolandPortugalPuerto
RicoQatarReunionRomaniaRussian FederationRwandaSaint BarthélemySaint Helena,
Ascension and Tristan da CunhaSaint Kitts and NevisSaint LuciaSaint Martin
(French part)Saint Pierre and MiquelonSaint Vincent and the GrenadinesSamoaSan
MarinoSao Tome and PrincipeSaudi ArabiaSenegalSerbiaSeychellesSierra
LeoneSingaporeSint Maarten (Dutch part)SlovakiaSloveniaSolomon
IslandsSomaliaSouth AfricaSouth Georgia and the South Sandwich IslandsSouth
SudanSpainSri LankaSudanSurinameSvalbard and Jan
MayenSwazilandSwedenSwitzerlandSyrian Arab RepublicTaiwanTajikistanTanzania,
United Republic ofThailandTimor-LesteTogoTokelauTongaTrinidad and
TobagoTunisiaTurkeyTurkmenistanTurks and Caicos IslandsTuvaluUgandaUkraineUnited
Arab EmiratesUnited KingdomUnited StatesUruguayUzbekistanVanuatuVenezuela,
Bolivarian Republic ofVietnamVirgin Islands, BritishWallis and FutunaWestern
SaharaYemenZambiaZimbabwe
Get Newsletter
OVERVIEW
The Synopsys Cybersecurity Research Center (CyRC) has exposed prompt injection
vulnerabilities in the EmailGPT service. EmailGPT is an API service and Google
Chrome extension that assists users in writing emails inside Gmail using
OpenAI's GPT models.
The service uses an API service that allows a malicious user to inject a direct
prompt and take over the service logic. Attackers can exploit the issue by
forcing the AI service to leak the standard hard-coded system
prompts and/or execute unwanted prompts.
--------------------------------------------------------------------------------
EXPLOITATION
When engaging with EmailGPT by submitting a malicious prompt that requests
harmful information, the system will respond by providing the requested data.
This vulnerability can be exploited by any individual with access to the
service.
AFFECTED SOFTWARE
* EmailGPT "main" branch
IMPACT
Exploitation of this vulnerability would lead to intellectual property leakage,
denial-of-service, and direct financial loss through an attacker making repeated
requests to the AI provider’s API which are pay-per-use.
* CVSS Base Score: 6.5 (Medium)
* CVSS 3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
REMEDIATION
The CyRC reached out to the developers but has not received a response within
the 90-day timeline dictated by our responsible disclosure policy. The CyRC
recommends removing the applications from networks immediately.
DISCOVERY CREDIT
This vulnerability was discovered by Mohammed Alshehri, a security researcher at
Synopsys.
TIMELINE
* February 26, 2024: Initial contact attempt
* April 4, 2024: Second contact attempt
* May 1, 2024: Final contact attempt
* June 5, 2024: Advisory published by Synopsys
REFERENCES
https://github.com/Coeeter/emailgpt
ABOUT CVSS
FIRST.Org, Inc (FIRST) is a non-profit organization based out of US that owns
and manages CVSS. It is not required to be a member of FIRST to utilize or
implement CVSS but FIRST does require any individual or organization give
appropriate attribution while using CVSS. FIRST also states that any individual
or organization that publishes scores follow the guideline so that anyone can
understand how the score was calculated.
* CyRC
* Security News & Trends
* Software Integrity
CONTINUE READING
Blog
1 min read / Jun 05, 2024
CYRC VULNERABILITY ADVISORY: CVE-2024-5184S PROMPT INJECTION IN EMAILGPT SERVICE
By Synopsys Editorial Team
Tags: Software Integrity, Security News & Trends, CyRC
Read Article
Blog
1 min read / May 28, 2024
CYRC VULNERABILITY ADVISORY: CVE-2024-5185 DATA POISONING VULNERABILITY IN
EMBEDAI APPLICATION
By Synopsys Editorial Team
Tags: Software Integrity, Security News & Trends, CyRC
Read Article
Blog
1 min read / May 08, 2024
CLEARLAKE CAPITAL GROUP AND FRANCISCO PARTNERS REACH AGREEMENT TO PURCHASE THE
SOFTWARE INTEGRITY GROUP
By Jason Schmitt
Tags: Software Integrity, Security News & Trends
Read Article
EXPLORE TOPICS
Agile, CI/CD
AppSec Best Practices
Artificial Intelligence
Automotive
Build Security into DevOps
Cloud Security
Compliance
Container Security
CyRC
DevSecOps
DAST
Financial Services
Fuzzing
Healthcare
IAST
Internet of Things
M&A
Manage Security Risks
Medical Devices
Mobile
Orchestration & Correlation
OSS License Compliance
Pen Testing
Program Strategy & Planning
Public Sector
SAST
SCA
Secure the Software Supply Chain
Security News & Trends
Threat Modeling
Threat & Risk Assessment
Training
Web Application Security
FOOTER
LEARN ABOUT APPSEC
* Manage Security Risks
* Build Security into DevOps
* Secure the Software Supply Chain
* Security News & Trends
* AppSec Glossary
RESOURCES FOR APPSEC
* Analyst Reports
* AppSec Community
* AppSec Solutions
* AppSec Tools
* Partners
* Security Training
CORPORATE
* About Us
* Careers
* ESG
* Inclusion & Diversity
* Investor Relations
* Contact Us
LEGAL
* Privacy
* Trademarks
* Software Integrity Agreements
Contact Sales
FOLLOW
*
*
*
*
*
FOLLOW
*
*
*
*
*
© 2024 Synopsys, Inc. All Rights Reserved
COOKIE PREFERENCE CENTER
* YOUR PRIVACY
* STRICTLY NECESSARY COOKIES
* FUNCTIONAL COOKIES
* PERFORMANCE COOKIES
* TARGETING COOKIES
YOUR PRIVACY
When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer.
More information
STRICTLY NECESSARY COOKIES
Always Active
These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, logging in or filling in forms. You can set your browser to block
or alert you about these cookies, but some parts of the site will not then work.
These cookies do not store any personally identifiable information.
Cookies Details
FUNCTIONAL COOKIES
Functional Cookies
These cookies enable the website to provide enhanced functionality and
personalisation. They may be set by us or by third party providers whose
services we have added to our pages. If you do not allow these cookies then some
or all of these services may not function properly.
Cookies Details
PERFORMANCE COOKIES
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and
improve the performance of our site. They help us to know which pages are the
most and least popular and see how visitors move around the site. All
information these cookies collect is aggregated and therefore anonymous. If you
do not allow these cookies we will not know when you have visited our site, and
will not be able to monitor its performance.
Cookies Details
TARGETING COOKIES
Targeting Cookies
These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites. They do not store directly personal
information, but are based on uniquely identifying your browser and internet
device. If you do not allow these cookies, you will experience less targeted
advertising.
Cookies Details
Back Button
BACK
Vendor Search
Filter Button
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label
* View Third Party Cookies
* Name
cookie name
Clear
checkbox label label
Apply Cancel
Save Settings
Allow All
YOUR PRIVACY
By clicking “Accept All Cookies”, you agree to the storing of cookies on your
device to enhance site navigation, analyze site usage, and assist in our
marketing efforts. Privacy Policy
Cookies Settings Accept All Cookies