News Security

Tenable Report: 70% of Cloud AI Workloads Contain Unresolved Vulnerabilities

Tenable

Research reveals security gaps in AI services across major cloud providers

A new Tenable Cloud AI Risk Report 2025 has uncovered significant vulnerabilities in cloud-based AI services, with 70% of AI workloads containing at least one unpatched security flaw. The study highlights risks in Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure, emphasizing how misconfigurations and data exposure could compromise AI security.

Key findings include:

  • Critical vulnerabilities30% of AI workloads contain CVE-2023-38545, a major curl security flaw.
  • Overprivileged access risks77% of organizations using Google Vertex AI Notebooks have improperly configured default Compute Engine service accounts.
  • AI data poisoning threats14% of organizations using Amazon Bedrock fail to block public access to training data.
  • Root access concerns91% of Amazon SageMaker users have at least one notebook that, if compromised, could allow unauthorized modifications.

“Cloud security measures must evolve to meet the challenges of AI,” said Liat Hayun, VP of Research and Product Management, Cloud Security at Tenable“Organizations need to find a balance between securing AI data and enabling responsible AI innovation.”

Related posts

Sophos Unveils Next-Gen Partner Program to Accelerate Growth and Cybersecurity Innovation

Enterprise IT World MEA

Nutanix Named a Leader in Multicloud Container Platforms by Forrester

Enterprise IT World MEA

Empowering Workforce Safety and Skills Through Digital Innovation

Enterprise IT World MEA

Leave a Comment