News Security

Tenable Report: 70% of Cloud AI Workloads Contain Unresolved Vulnerabilities

Tenable

Research reveals security gaps in AI services across major cloud providers

A new Tenable Cloud AI Risk Report 2025 has uncovered significant vulnerabilities in cloud-based AI services, with 70% of AI workloads containing at least one unpatched security flaw. The study highlights risks in Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure, emphasizing how misconfigurations and data exposure could compromise AI security.

Key findings include:

  • Critical vulnerabilities30% of AI workloads contain CVE-2023-38545, a major curl security flaw.
  • Overprivileged access risks77% of organizations using Google Vertex AI Notebooks have improperly configured default Compute Engine service accounts.
  • AI data poisoning threats14% of organizations using Amazon Bedrock fail to block public access to training data.
  • Root access concerns91% of Amazon SageMaker users have at least one notebook that, if compromised, could allow unauthorized modifications.

“Cloud security measures must evolve to meet the challenges of AI,” said Liat Hayun, VP of Research and Product Management, Cloud Security at Tenable“Organizations need to find a balance between securing AI data and enabling responsible AI innovation.”

Related posts

Trust, Data and Agentic AI: Why Middle East Enterprises Must Get the Foundation Right

Enterprise IT World MEA

SANS Institute Launches Falcon 180 Mission to Boost Cybersecurity Skills Across Middle East, Türkiye and Africa

Enterprise IT World MEA

IFS and Chelsea FC Partner to Deploy Industrial AI Across Football Club Operations

Enterprise IT World MEA

Leave a Comment