CVE-2025-63664

7.5 HIGH

📋 TL;DR

This vulnerability allows unauthorized attackers to access other users' message history with AI agents through an incorrect access control flaw in the GT Edge AI Platform's conversations API. Any organization using GT Edge AI Platform before version 2.0.10-dev is affected, potentially exposing sensitive user-AI interactions.

💻 Affected Systems

Products:
  • GT Edge AI Platform
Versions: All versions before v2.0.10-dev
Operating Systems: Any OS running GT Edge AI Platform
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all deployments with the vulnerable API endpoint exposed.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete exposure of all user conversations with AI agents, potentially revealing sensitive business information, personal data, or proprietary AI interactions to unauthorized parties.

🟠 Likely Case

Unauthorized access to random user conversations, leading to privacy violations and potential data leakage of sensitive discussions with AI agents.

🟢 If Mitigated

Limited exposure of non-sensitive conversations or partial data if additional network segmentation and monitoring are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires API access but no authentication to access other users' conversations. The GitHub reference suggests research is available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2.0.10-dev

Vendor Advisory: Not provided in references

Restart Required: Yes

Instructions:

1. Back up current configuration and data.
2. Download v2.0.10-dev from official vendor source.
3. Stop the GT Edge AI Platform service.
4. Apply the update.
5. Restart the service.
6. Verify the fix.

🔧 Temporary Workarounds

API Endpoint Restriction

all

Restrict access to the vulnerable /api/v1/conversations/*/messages endpoint using network controls or web application firewall rules.

Authentication Enforcement

all

Implement additional authentication checks at the application level for all conversation API requests.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the GT Edge AI Platform from untrusted networks.
  • Deploy a web application firewall with rules to detect and block unauthorized conversation access attempts.

🔍 How to Verify

Check if Vulnerable:

Test if unauthorized API requests to /api/v1/conversations/*/messages return other users' conversation data when authenticated as a different user.

Check Version:

Check the platform version through the admin interface or the configuration files specific to your GT Edge AI Platform deployment.

Verify Fix Applied:

After patching, verify that unauthorized API requests to the conversations endpoint return proper access denied errors and no user data.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed authentication attempts followed by successful conversation API access
  • API requests to /api/v1/conversations/*/messages from unauthorized users
  • Unusual patterns of conversation access across different user IDs

Network Indicators:

  • Unusual volume of requests to conversation endpoints
  • API calls accessing conversation IDs not belonging to the authenticated user

SIEM Query:

source="gt-edge-ai" AND (uri_path="/api/v1/conversations/*/messages" AND user_id!=conversation_owner)
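
The following is an added example, not vendor code or part of the original advisory: it applies the `user_id != conversation_owner` condition from the SIEM query above to API access logs offline. The JSON log format, the `status` and `ts` fields, and the conversation-to-owner map are assumptions, since the page does not document the platform's log schema; the sample lines are constructed.

```python
import json
import re
from collections import defaultdict

# Endpoint from the advisory; the wildcard segment is captured as the conversation ID.
MESSAGES_PATH = re.compile(r"^/api/v1/conversations/([^/]+)/messages/?$")

def find_cross_user_reads(log_lines, owners):
    """Return successful message reads where user_id != conversation_owner."""
    hits = []
    for line in log_lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines rather than abort the hunt
        if not isinstance(event, dict):
            continue
        path = str(event.get("uri_path", "")).split("?", 1)[0]  # drop query string
        match = MESSAGES_PATH.match(path)
        status = event.get("status")
        if not match or not isinstance(status, int) or not 200 <= status < 300:
            continue  # other endpoint, or the request was denied
        conv_id = match.group(1)
        owner = owners.get(conv_id)  # unknown conversations are not flagged here
        if owner is not None and owner != event.get("user_id"):
            hits.append({"ts": event.get("ts"), "user_id": event.get("user_id"),
                         "conversation_id": conv_id, "conversation_owner": owner})
    return hits

def summarize(hits):
    """Group hits per requester: which foreign conversations each one read."""
    per_user = defaultdict(set)
    for hit in hits:
        per_user[hit["user_id"]].add(hit["conversation_id"])
    return {user: sorted(convs) for user, convs in per_user.items()}

# Constructed sample data (assumed schema, not real platform logs).
OWNERS = {"c-100": "alice", "c-101": "bob", "c-102": "carol"}
SAMPLE_LOG = [
    '{"ts":"2025-01-01T10:00:00Z","user_id":"alice","uri_path":"/api/v1/conversations/c-100/messages","status":200}',
    '{"ts":"2025-01-01T10:00:05Z","user_id":"mallory","uri_path":"/api/v1/conversations/c-100/messages","status":200}',
    '{"ts":"2025-01-01T10:00:06Z","user_id":"mallory","uri_path":"/api/v1/conversations/c-101/messages?limit=50","status":200}',
    '{"ts":"2025-01-01T10:00:07Z","user_id":"mallory","uri_path":"/api/v1/conversations/c-102/messages","status":403}',
    'not json',
]

if __name__ == "__main__":
    for user, convs in summarize(find_cross_user_reads(SAMPLE_LOG, OWNERS)).items():
        print(f"{user} read conversations owned by others: {convs}")
```

Only 2xx responses are flagged, so the same check run after upgrading to v2.0.10-dev should return no hits if cross-user requests are now denied.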
