VU#733789: ChatGPT-4o contains... Note

VU#733789: ChatGPT-4o contains security bypass vulnerability through time and search functions called "Time Bandit"

A jailbreak vulnerability called "Time Bandit" was discovered in ChatGPT-4o, allowing attackers to bypass safety guardrails and instruct the AI to provide illicit or dangerous content. The vulnerability can be initiated by prompting the AI with questions about a specific time period in history, either through the Search function or by prompting the AI directly. Once a historical timeframe is established, the attacker can exploit timeline confusion and procedural ambiguity to circumvent safety guidelines. This can result in ChatGPT generating illicit content, which could be leveraged at scale by a motivated threat actor for malicious purposes. The vulnerability can be exploited in two ways, either through direct prompts or by using the Search function, with the latter requiring user authentication. During testing, the CERT/CC was able to replicate the jailbreak, but ChatGPT removed the prompt and stated that it violated usage policies. However, ChatGPT would then proceed to answer the removed prompt, and this activity was replicated several times. The jailbreak was more successful when using a time frame within the 1800s or 1900s. The vulnerability bypasses the security and safety guidelines of OpenAI, allowing an attacker to abuse ChatGPT for malicious purposes, such as creating phishing emails and malware. OpenAI has since mitigated the vulnerability, stating that they are committed to developing their models safely and preventing them from being used for malicious purposes.