Recent research at the University of Illinois Urbana-Champaign has demonstrated the ability of AI agents, specifically those utilizing OpenAI’s GPT-4 large language model (LLM), to autonomously exploit real-world security vulnerabilities by analyzing CVE advisories [2] [5].


The study focused on 15 known vulnerabilities in open source software, and GPT-4 successfully exploited 87% of them [1] [5] [6]. This surpasses the performance of other models and vulnerability scanners, showcasing GPT-4's advanced capability to identify and exploit critical-severity vulnerabilities. The vulnerabilities spanned several types, including website, container [4] [5], and Python package vulnerabilities [4] [5]. The agent code is concise [5], and the estimated cost of a successful exploit with GPT-4 is $8.80 per attack [2], making it a cost-effective and efficient tool for cyber attacks [2] [5].


The effectiveness of GPT-4 depends heavily on access to the CVE description: its success rate dropped to 7% when that description was withheld, underscoring the importance of transparent information sharing in cybersecurity [2]. Despite its overall success rate [3], GPT-4 also produced false positives and false negatives when assessing code. The combination of a high success rate and low cost raises concerns about the risks of widespread deployment of such powerful AI agents, and organizations are advised to implement stringent security best practices to mitigate the risk of being hacked by AI agents exploiting vulnerabilities.


The use of AI agents for exploiting vulnerabilities is already more cost-effective than human labor and is expected to become even more potent with future models like GPT-5 [3]. This raises concerns about the potential impact of AI advancements on cybersecurity and underscores the need for robust defense mechanisms against malicious exploitation [3].