Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
Briefly

"This flaw enables Arbitrary Command Execution (RCE) on any system running a vulnerable MCP implementation, granting attackers direct access to sensitive user data, internal databases, API keys, and chat histories."
"The systemic vulnerability is baked into Anthropic's official MCP software development kit (SDK) across any supported language, including Python, TypeScript, Java, and Rust."
"These vulnerabilities fall under four broad categories, effectively triggering remote command execution on the server, including unauthenticated command injection via MCP STDIO."
Researchers identified a significant design vulnerability in the Model Context Protocol (MCP) that enables remote code execution on any system running a vulnerable implementation, giving attackers access to sensitive user data, internal databases, API keys, and chat histories. The flaw is inherent in Anthropic's official MCP SDK across its supported languages (Python, TypeScript, Java and Rust), and the researchers report that it affects over 7,000 servers with more than 150 million downloads. Ten specific vulnerabilities were found, grouped into four broad categories that lead to remote command execution on the server, including unauthenticated command injection via the MCP STDIO transport, posing a serious risk to the AI supply chain.
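The brief names the injection vector (the STDIO transport, which launches a server as a local child process) but not the specific defect, so the example below does not reproduce the SDK's flaw. It is an added illustration, not code from the article or from Anthropic's SDK, of the general class: a host that assembles the server's launch command into a single string and hands it to a shell lets any shell metacharacter in an untrusted argument become a second command, whereas keeping the command as an argv list means the same string arrives at the child as a literal argument. The server config, the hostile `/tmp/demo; id` value, and all function names are constructed for the example.

```python
"""Illustrative pattern only: how a stdio server launch becomes command injection.

Not the MCP SDK's code. The config below is constructed to look like the kind of
{"command": ..., "args": [...]} entry a host stores for a stdio MCP server; the
"args" value is treated as untrusted (config file, marketplace listing, etc.).
"""
import json
import shlex
import subprocess
import sys
from typing import Dict, List

# Constructed config; the last arg carries a constructed hostile value.
SERVER_CONFIG: Dict[str, object] = {
    "command": "python",
    "args": ["server.py", "--workspace", "/tmp/demo; id"],
}

# Characters a POSIX shell would interpret if the launch line were shell-parsed.
SHELL_META = set(";|&<>()$`\\\"'\n")


def launch_string(cfg: Dict[str, object]) -> str:
    """Vulnerable pattern (hypothetical): flatten command + args into one shell line."""
    return " ".join([str(cfg["command"]), *map(str, cfg["args"])])


def launch_argv(cfg: Dict[str, object]) -> List[str]:
    """Hardened pattern: keep an argv list so no shell ever parses the arguments."""
    return [str(cfg["command"]), *map(str, cfg["args"])]


def shell_commands(cmdline: str) -> List[List[str]]:
    """Simulate how a POSIX shell splits `cmdline` into separate simple commands.

    Uses shlex's punctuation handling (';', '&&', '||', '|', '&' become tokens) so
    the split can be inspected without actually running a shell.
    """
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    commands: List[List[str]] = []
    current: List[str] = []
    for tok in lexer:
        if tok in (";", "&&", "||", "|", "&"):
            if current:
                commands.append(current)
                current = []
        else:
            current.append(tok)
    if current:
        commands.append(current)
    return commands


def is_injected(cfg: Dict[str, object]) -> bool:
    """True if the flattened launch line would run more than one command."""
    return len(shell_commands(launch_string(cfg))) > 1


def suspicious_args(cfg: Dict[str, object]) -> List[str]:
    """Audit helper: return args that contain shell metacharacters (for logging
    or rejecting a config before launch)."""
    return [a for a in map(str, cfg["args"]) if SHELL_META & set(a)]


def echo_argv_via_child(args: List[str]) -> List[str]:
    """Launch a child the hardened way (argv list, no shell) and return the argv
    it actually received. The child is the current interpreter, so this runs
    offline; the hostile string comes back unchanged as one literal argument."""
    child = [sys.executable, "-c",
             "import sys, json; print(json.dumps(sys.argv[1:]))", *args]
    proc = subprocess.run(child, capture_output=True, text=True, check=True)
    return json.loads(proc.stdout)


if __name__ == "__main__":
    print("shell line  :", launch_string(SERVER_CONFIG))
    print("shell runs  :", shell_commands(launch_string(SERVER_CONFIG)))
    print("injected?   :", is_injected(SERVER_CONFIG))
    print("flagged args:", suspicious_args(SERVER_CONFIG))
    print("argv launch :", echo_argv_via_child(launch_argv(SERVER_CONFIG)[1:]))
```

Running the block shows the flattened line splitting into two commands (`python server.py --workspace /tmp/demo` and `id`), while the argv launch delivers `/tmp/demo; id` to the child as a single argument. The `suspicious_args` check is a detection aid for config review, not a substitute for the argv form: with no shell in the path the metacharacters are harmless, and rejecting them outright would also reject legitimate paths containing `&` or `$`.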
Read at The Hacker News