Meta has fastened a safety bug that allowed Meta AI chatbot customers to entry and look at the personal prompts and AI-generated responses of different customers.
Sandeep Hodkasia, the founding father of safety testing agency AppSecure, completely instructed iinfoai that Meta paid him $10,000 in a bug bounty reward for privately disclosing the bug he filed on December 26, 2024.
Meta deployed a repair on January 24, 2025, stated Hodkasia, and located no proof that the bug was maliciously exploited.
Hodkasia instructed iinfoai that he recognized the bug after analyzing how Meta AI permits its logged-in customers to edit their AI prompts to regenerate textual content and pictures. He found that when a consumer edits their immediate, Meta’s back-end servers assign the immediate and its AI-generated response a novel quantity. By analyzing the community visitors in his browser whereas enhancing an AI immediate, Hodkasia discovered he might change that distinctive quantity and Meta’s servers would return a immediate and AI-generated response of another person solely.
The bug meant that Meta’s servers weren’t correctly checking to make sure that the consumer requesting the immediate and its response was licensed to see it. Hodkasia stated the immediate numbers generated by Meta’s servers had been “simply guessable,” doubtlessly permitting a malicious actor to scrape customers’ unique prompts by quickly altering immediate numbers utilizing automated instruments.
When reached by iinfoai, Meta confirmed it fastened the bug in January and that the corporate “discovered no proof of abuse and rewarded the researcher,” Meta spokesperson Ryan Daniels instructed iinfoai.
Information of the bug comes at a time when tech giants are scrambling to launch and refine their AI merchandise, regardless of many safety and privateness dangers related to their use.
Meta AI’s stand-alone app, which debuted earlier this 12 months to compete with rival apps like ChatGPT, launched to a rocky begin after some customers inadvertently publicly shared what they thought had been personal conversations with the chatbot.
