Lenovo has confirmed and fixed a security weakness in its ChatGPT-powered customer service assistant, Lena, after researchers showed how the system could be tricked into exposing sensitive information.
The investigation by Cybernews revealed that with a single, 400-character prompt, attackers could take over session cookies from Lenovo’s support agents. These cookies would allow unauthorized access to live chats and historical records — without requiring any login credentials.
The flaw worked by getting Lena to generate a hidden malicious link as part of its response. When the link failed to load, the browser was prompted to send session cookies to an external server controlled by the attacker. Researchers said the problem occurred because Lena neither checked user inputs nor reviewed its own outputs, unintentionally helping deliver the attack.
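The failure the researchers describe has two defender-side fixes: treat the assistant's reply as untrusted text and encode it before rendering, and mark session cookies so page script cannot read them. The block below is an added illustration, not code from Lenovo, Cybernews or the Lena product; the function names, the markup heuristic and the sample reply are my own constructions.

```javascript
// Added example (not Lenovo's or Cybernews' code). Three small checks that
// address the weakness described above: an assistant reply rendered as HTML,
// in which a broken link triggers script that reads the user's cookies.
// All names here are assumptions for the illustration.

// 1. Output encoding: treat every assistant reply as untrusted text.
function escapeHtml(text) {
  return String(text)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Build the HTML for one chat bubble. Because the reply is encoded, any tag the
// model emitted (or was tricked into emitting) is shown as literal text and is
// never parsed as markup by the browser. This is the primary control.
function renderAssistantMessage(reply) {
  return `<div class="assistant-msg">${escapeHtml(reply)}</div>`;
}

// 2. Output review: a coarse heuristic that flags replies containing markup,
// a "javascript:" URL or an inline event-handler attribute, so a model that
// has been steered into emitting HTML is noticed and logged before rendering.
// It complements encoding; it does not replace it.
const MARKUP_PATTERN = /<\s*\/?\s*[a-z][^>]*>|javascript:|\bon[a-z]+\s*=/i;
function replyContainsMarkup(reply) {
  return MARKUP_PATTERN.test(reply);
}

// 3. Cookie hardening audit: a session cookie carrying HttpOnly cannot be read
// by page script, which removes the "send the cookie to an external server"
// step even if some markup slips through. Parses one Set-Cookie header value
// and reports which protective attributes are absent.
function auditSetCookie(headerValue) {
  const parts = headerValue.split(";").map((p) => p.trim());
  const attrs = new Set(
    parts.slice(1).map((p) => p.split("=")[0].trim().toLowerCase())
  );
  const missing = [];
  if (!attrs.has("httponly")) missing.push("HttpOnly");
  if (!attrs.has("secure")) missing.push("Secure");
  if (!attrs.has("samesite")) missing.push("SameSite");
  return { name: parts[0].split("=")[0], missing };
}

// Constructed sample reply: the model has been coaxed into emitting an image
// tag with an event-handler attribute, the class of output the article
// describes. The handler body is deliberately left as a placeholder.
const SAMPLE_REPLY =
  'Here is your order status. <img src="x" onerror="...">';

// Constructed sample Set-Cookie values: one weak, one hardened.
const WEAK_COOKIE = "session=abc123; Path=/";
const HARDENED_COOKIE =
  "session=abc123; Path=/; HttpOnly; Secure; SameSite=Strict";

// Stand-alone run: show the encoded bubble and the two audits.
console.log(renderAssistantMessage(SAMPLE_REPLY));
console.log("markup flagged:", replyContainsMarkup(SAMPLE_REPLY));
console.log("weak cookie missing:", auditSetCookie(WEAK_COOKIE).missing);
console.log("hardened cookie missing:", auditSetCookie(HARDENED_COOKIE).missing);
```

Encoding at render time is the control that would have made the injected link inert; the markup heuristic gives the operator a signal that prompts are steering the model into emitting HTML, and the cookie audit confirms that even a successful injection cannot reach the session token from script.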
Lenovo emphasized that there is no evidence of any customer data being stolen. The company acted quickly to close the security gap after being notified.
The findings come amid rising concern about the security of AI-powered customer service tools, following similar incidents with other companies’ chatbots.
Cybernews researchers warned: “Everyone knows chatbots can be tricked with prompts. What’s surprising is that Lenovo, despite knowing about these risks, had not put safeguards in place.”