The Overlooked Threat: How a Year-Old ChatGPT Vulnerability Became a Major Security Crisis

In the rapidly evolving world of cybersecurity, it's often the flashiest vulnerabilities that capture headlines. However, as recent events have shown, even medium-severity vulnerabilities can pose significant threats when overlooked. A year-old vulnerability in a third-party ChatGPT tool has recently emerged as a major security concern, with attackers exploiting it to target financial institutions and U.S. government organizations.

What is the Vulnerability?

The vulnerability, identified as CVE-2024-27564, affects a third-party ChatGPT tool developed by a Chinese developer. Despite being commonly referred to as "ChatGPT," it's important to note that this tool is not made by OpenAI but rather provides an interface for interacting with the ChatGPT generative AI service.

This security flaw is a Server-Side Request Forgery (SSRF) vulnerability affecting the pictureproxy.php file of the application. It allows attackers to inject crafted URLs into the url parameter, forcing the application to make arbitrary requests without requiring any authentication. With a CVSS score of 6.5, it was initially classified as a medium-severity issue, which may explain why many organizations failed to prioritize patching it.

When Did This Become a Problem?

The vulnerability was initially reported in September 2023 and publicly disclosed a year ago. Proof-of-concept exploit code has been available for some time, but it wasn't until recently that cybersecurity researchers observed a significant surge in exploitation attempts.

According to cybersecurity firm Veriti, the exploitation trend showed a surge in January 2025, followed by a decrease in February and March, possibly indicating attackers' shifting tactics or responses to security measures.

Who is Behind the Attacks?

While the specific threat actors haven't been publicly identified, Veriti's research indicates that at least one threat actor has added an exploit for CVE-2024-27564 to its arsenal and has begun scanning the internet for vulnerable applications. What's particularly alarming is the scale of these attacks - within a single week, over 10,000 attack attempts were observed coming from just one IP address.

Who is Being Targeted?

The attacks have primarily targeted organizations in the United States, with a particular focus on the government and financial sectors. Approximately 33% of all attacks were directed at U.S.-based entities. Other affected countries include:

• Germany (7%)

• Thailand (7%)

• Indonesia

• Colombia

• United Kingdom

Within these regions, the most frequently targeted sectors include:

1. Government agencies

2. Financial institutions

3. Healthcare organizations

Why These Sectors?

There are several reasons why attackers might focus on these specific sectors:

Financial institutions are prime targets due to their dependency on AI-driven services and API integrations. These organizations handle vast amounts of sensitive financial data, making them lucrative targets. Successful attacks could lead to unauthorized transactions, data breaches, regulatory penalties, and significant reputational damage.

Government organizations typically store and process critical national security information and citizen data, making them high-value targets for both financially motivated attackers and nation-state actors.

Healthcare organizations maintain sensitive patient data and often rely on interconnected systems that can be vulnerable to SSRF attacks. According to a June 2024 report, the healthcare sector experienced 1,613 cyberattacks per week in the first three quarters of 2023, nearly four times the global average.

How Serious is the Threat?

Despite being classified as a medium-severity vulnerability, the real-world impact of CVE-2024-27564 has proven to be significant. Veriti's research found that approximately 35% of the targeted organizations are potentially at risk of exploitation due to misconfigurations in their protection solutions, including Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), and traditional firewalls.

As Veriti researchers noted, "Ignoring medium-severity vulnerabilities is a costly mistake, particularly for high-value financial organizations." The exploitation of this vulnerability serves as a stark reminder that attackers will exploit any weakness they can find, regardless of its severity rating.

Technical Details of the Exploitation

The SSRF vulnerability in the pictureproxy.php file allows attackers to manipulate the 'url' parameter to initiate arbitrary requests, potentially bypassing security controls. By injecting malicious URLs into ChatGPT input parameters, attackers can force the application to make unintended requests on their behalf.

This type of attack is particularly dangerous because:

1. It requires no authentication to exploit

2. It can be used to access internal resources or steal sensitive data

3. It can bypass network security measures by using the trusted application to make the malicious requests

Mitigation Strategies

For organizations that might be affected by this vulnerability, security experts recommend several immediate actions:

1. Review and update IPS, WAF, and firewall configurations to ensure protection against CVE-2024-27564

2. Monitor logs for attack attempts from known malicious IP addresses

3. Prioritize AI-related security gaps in risk assessments

4. Apply available patches for the vulnerable application

5. Implement proper input validation for any application that processes user-controlled URLs

Lessons Learned

This wave of attacks highlights several important lessons for cybersecurity professionals:

1. Severity scores don't always reflect real-world risk: Medium-severity vulnerabilities can become major threats when widely exploited

2. Timely patching is critical: The vulnerability was disclosed a year ago, yet many systems remain unpatched

3. Misconfigurations amplify risks: Even with protective technologies in place, misconfigurations can leave organizations vulnerable

4. AI systems introduce new attack surfaces: As organizations increasingly adopt AI technologies, they must account for the associated security risks

The exploitation of CVE-2024-27564 serves as a wake-up call for organizations using AI-driven services. In the current threat landscape, no vulnerability is too small to matter, and a comprehensive security strategy must address vulnerabilities of all severity levels, particularly in high-value targets like financial institutions and government organizations.

Sources:

1. SecurityWeek - "ChatGPT Tool Vulnerability Exploited Against US Government Organizations" - March 2025

2. Dark Reading - "Actively Exploited ChatGPT Bug Puts Organizations at Risk" - March 2025

3. Cybersecurity News - "ChatGPT Vulnerability Actively Exploited From 10,000+ IPs to Attack US Government Organizations" - March 2025

4. Tech Startups - "Hackers exploit ChatGPT vulnerability to target U.S. government and financial firms" - March 2025

5. Hackread - "Hackers Exploit ChatGPT with CVE-2024-27564, 10,000+ Attacks in a Week" - March 2025

6. Healthcare Finance News - "Cyberattackers exploiting ChatGPT vulnerability to target healthcare" - March 2025

7. SC Media - "US primarily targeted by attacks leveraging ChatGPT vulnerability" - March 2025

8. Veriti Research Report on CVE-2024-27564 - March 2025