News Security

Tenable Report: 70% of Cloud AI Workloads Contain Unresolved Vulnerabilities

Tenable

Research reveals security gaps in AI services across major cloud providers

A new Tenable Cloud AI Risk Report 2025 has uncovered significant vulnerabilities in cloud-based AI services, with 70% of AI workloads containing at least one unpatched security flaw. The study highlights risks in Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure, emphasizing how misconfigurations and data exposure could compromise AI security.

Key findings include:

  • Critical vulnerabilities30% of AI workloads contain CVE-2023-38545, a major curl security flaw.
  • Overprivileged access risks77% of organizations using Google Vertex AI Notebooks have improperly configured default Compute Engine service accounts.
  • AI data poisoning threats14% of organizations using Amazon Bedrock fail to block public access to training data.
  • Root access concerns91% of Amazon SageMaker users have at least one notebook that, if compromised, could allow unauthorized modifications.

“Cloud security measures must evolve to meet the challenges of AI,” said Liat Hayun, VP of Research and Product Management, Cloud Security at Tenable“Organizations need to find a balance between securing AI data and enabling responsible AI innovation.”

Related posts

ESET Named Finalist in SC Awards 2025 for Ransomware Remediation Excellence

Enterprise IT World MEA

OPSWAT to Showcase Critical Infrastructure Cybersecurity Innovation at GISEC Global 2025

Enterprise IT World MEA

BeyondTrust Report Reveals Record-Breaking Microsoft Vulnerabilities in 2024

Enterprise IT World MEA

Leave a Comment