Trend Micro Warns of Thousands of Exposed AI Servers
Trend Micro (TMICY) has released a critical cybersecurity report highlighting significant vulnerabilities in AI infrastructure deployment. The research reveals over 12,200 exposed AI servers including 200+ ChromaDB servers, 2,000 Redis servers, and 10,000+ Ollama servers accessible without authentication.
The report identifies four major security challenges: vulnerabilities in critical components, accidental internet exposure, open-source component vulnerabilities, and container-based weaknesses. Researchers discovered zero-day vulnerabilities in core components including ChromaDB, Redis, NVIDIA Triton, and NVIDIA Container Toolkit.
To mitigate these risks, Trend Micro recommends implementing improved patch management, maintaining software component inventory, following container security best practices, and conducting regular configuration checks.
- Comprehensive identification of over 12,200 vulnerable AI servers, demonstrating leadership in cybersecurity research
- Discovery of critical zero-day vulnerabilities in major AI components, positioning Trend Micro as a key security authority
- Strategic recommendations provided for risk mitigation, enhancing customer value proposition
- Exposure of significant vulnerabilities could impact Trend Micro's AI-related products and services
- Findings may lead to increased scrutiny of Trend Micro's own AI security practices
Latest research reveals mounting infrastructure-level risks from diverse components
To learn more about how network defenders and adversaries are using AI, read Trend Micro State of AI Security Report, 1H 2025:
Rachel Jin, Chief Enterprise Platform Officer at Trend: "AI may represent the opportunity of the century for global businesses. But those rushing in too fast without taking adequate security precautions may end up causing more harm than good. As our report reveals, too much AI infrastructure is already being built from unsecured and/or unpatched components, creating an open door for threat actors."
Trend's report highlights several :
1) Vulnerabilities/exploits in critical components
Organizations wishing to develop, deploy and use AI applications must leverage multiple specialized software components and frameworks, which may contain vulnerabilities one may find in regular software. The report reveals zero-day vulnerabilities and exploits in core components including ChromaDB, Redis, NVIDIA Triton, and NVIDIA Container Toolkit.
2) Accidental exposure to the internet
Vulnerabilities are often the result of rushed development and deployment timelines, as are instances when are accidentally exposed to the internet, where they can be probed by adversaries. As detailed in the report, Trend has found 200+ ChromaDB servers, 2,000 Redis servers, and 10,000+ Ollama servers exposed to the internet with no authentication.
3) Vulnerabilities in open-source components
Many AI frameworks and platforms use open-source software libraries to provide common functionality. However, open-source components often contain vulnerabilities that end up creeping into production systems, where they are hard to detect. At the recent Berlin, which featured a new AI category, researchers uncovered an exploit for the Redis vector database, which stemmed from an outdated Lua component.
4) Container-based weaknesses
A great deal of AI infrastructure runs on containers, meaning it is exposed to the same security vulnerabilities and threats that impact cloud and container environments. As outlined in the report, Pwn2Own researchers were able to uncover an exploit for the NVIDIA Container Toolkit. Organizations should sanitize inputs and monitor runtime behavior to mitigate such risks.
Stuart MacLellan, CTO, NHS SLAM: "There are still lots of questions around AI models and how they could and should be used. We now get much more information now than we ever did about the visibility of devices and what applications are being used. It's interesting to collate that data and get dynamic, risk-based alerts on people and what they're doing depending on policies and processes. That's going to really empower the decisions that are made organizationally around certain products."
Both the developer community and its customers must better balance security with time to market in order to mitigate the risks outlined above. Concrete steps could include:
- Improved patch management and vulnerability scans
- Maintaining an inventory of all software components, including third-party libraries and subsystems
- Container management security best practices, including using minimal base images and runtime security tools
- Configuration checks to ensure AI infrastructure components, like servers, aren't exposed to the internet
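
One way to run the configuration check in the last bullet against your own hosts, as an added example that is not from Trend Micro's report: it reads a `redis.conf` and an `OLLAMA_HOST` value and flags listeners that reach beyond loopback without a password. The sample configs are constructed; authentication is assumed to come from `requirepass` only, so ACL files and ChromaDB settings are not covered.

```python
import ipaddress

# Constructed sample configs (not taken from the report).
EXPOSED = "bind 0.0.0.0\nprotected-mode no\nport 6379\n"
HARDENED = 'bind 127.0.0.1 -::1\nprotected-mode yes\nrequirepass "<placeholder-secret>"\n'

def _is_loopback(addr):
    """True only for literal loopback IPs; wildcards and hostnames count as external."""
    addr = addr.lstrip("-").strip("[]")  # Redis 6.2+ accepts a '-' prefix on bind addresses
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False

def audit_redis_conf(text):
    """Return findings for one redis.conf; an empty list means nothing was flagged."""
    directives = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        directives[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    binds = directives.get("bind", "").split()
    # With no bind directive Redis listens on every interface.
    external = not binds or any(not _is_loopback(a) for a in binds)
    has_password = bool(directives.get("requirepass", "").strip('"'))
    findings = []
    # protected-mode may still refuse remote clients, but the audit does not rely on it.
    if external and not has_password:
        findings.append("listens beyond loopback with no requirepass")
    if directives.get("protected-mode", "yes").lower() == "no":
        findings.append("protected-mode is disabled")
    return findings

def audit_ollama_host(value):
    """Flag an OLLAMA_HOST that binds beyond loopback; unset keeps the loopback default."""
    if not value:
        return []
    host = value.split("://", 1)[-1]        # drop an optional scheme
    if host.startswith("["):                # [IPv6]:port
        host = host[1:].split("]", 1)[0]
    elif host.count(":") == 1:              # IPv4-or-name:port
        host = host.rsplit(":", 1)[0]
    if host == "localhost" or _is_loopback(host):
        return []
    return ["OLLAMA_HOST binds beyond loopback"]

if __name__ == "__main__":
    print(audit_redis_conf(EXPOSED), audit_redis_conf(HARDENED))
    print(audit_ollama_host("0.0.0.0:11434"))
```
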
About Trend Micro
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's AI-powered cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, Trend's platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 70 countries, Trend Micro enables organizations to simplify and secure their connected world.
SOURCE Trend Micro Incorporated