Recently, the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT) issued a security warning about Ollama, an open-source, cross-platform tool for running large language models locally. The warning concerns the tool's default configuration: Ollama's HTTP API, served on TCP port 11434, performs no authentication, so any deployment reachable from the network can be used and administered by anyone who can connect to it, potentially leading to unauthorized access and model theft, among other risks. The report has drawn significant attention given the growing adoption of Ollama by businesses and research institutions.
Analysis by the Tsinghua University Network Space Mapping Joint Research Center indicates that the problem affects a broad range of users, particularly those who run private deployments without changing the default settings. Experts note that many operators overlook the risk of default configurations when deploying privately, which can result in data breaches, theft of computing resources (GPU time consumed by outsiders' inference requests), and service disruption.
An attacker who can reach the port needs no credentials to call the API directly: listing the installed models (GET /api/tags), running inference on them (POST /api/generate or /api/chat), downloading or uploading model weights (POST /api/pull, /api/push), and deleting model files (DELETE /api/delete) are all available to an anonymous caller. Such incidents can cause significant losses for businesses and research institutions, especially where the hosted models are proprietary fine-tunes or the prompts carry sensitive data.
Furthermore, attackers who combine this open access with known, already-patched vulnerabilities in older Ollama releases can carry out data poisoning, parameter theft, and malicious file uploads, compromising the integrity of the model service's core data and algorithms. Experts emphasize that a large number of affected servers are currently exposed on the public internet, and urge users to check their deployments for exposure and apply hardening measures promptly.
In response to these threats, users are advised to check their deployments rather than assume the defaults are safe: confirm whether the Ollama service is bound to loopback (the built-in default, OLLAMA_HOST=127.0.0.1:11434) or to all interfaces (OLLAMA_HOST=0.0.0.0, which the official Docker image uses); restrict port 11434 at the firewall or security group; if remote access is required, place an authenticating reverse proxy in front of the API instead of exposing it directly; upgrade to a current Ollama release; and review logs for requests to the model-management endpoints from unfamiliar sources. Upon detecting any sign of an attack, users should immediately report it to the local public security cyber security department and cooperate fully with the investigation. Strengthening security awareness and preventive measures remains essential to network security.
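The following script is an added example of the self-check described above; it is not code from CNCERT, the Tsinghua research center, or the Ollama project. It does two things: it interprets the OLLAMA_HOST value the way Ollama does (host, host:port, http://host:port, or :port) to tell whether the service is bound to all interfaces, and it sends the same unauthenticated GET /api/tags request an attacker would send and classifies the answer. The endpoint, port and JSON shape ({"models": [...]}) are Ollama's documented API; the sample response body at the bottom is constructed for the example, not captured from a real host.

```python
"""
Self-check for an Ollama deployment: is the HTTP API reachable without
authentication, and which models would an anonymous caller see?

Added example; not code from CNCERT, Tsinghua, or the Ollama project.
Assumed facts: Ollama serves its REST API on TCP 11434 by default, binds to
127.0.0.1 unless OLLAMA_HOST says otherwise, and GET /api/tags answers
{"models": [...]} to anyone, with no authentication of its own.
"""
import json
import urllib.error
import urllib.request
from dataclasses import dataclass, field
from typing import List, Optional

# Host values that make a Go listener accept connections on every interface.
WILDCARD_HOSTS = {"0.0.0.0", "::", ""}


def bind_is_network_exposed(ollama_host: Optional[str]) -> bool:
    """True if this OLLAMA_HOST value would bind the API to all interfaces.

    Unset means the built-in default, 127.0.0.1:11434, which is loopback-only.
    Ollama accepts "host", "host:port", "scheme://host:port" and bare ":port";
    a bare ":port" has an empty host, which Go's net package treats as wildcard.
    """
    if ollama_host is None:
        return False
    value = ollama_host.strip()
    for scheme in ("http://", "https://"):
        if value.startswith(scheme):
            value = value[len(scheme):]
    value = value.split("/", 1)[0]  # drop any trailing path
    if value.startswith("["):  # bracketed IPv6 literal such as "[::]:11434"
        host = value[1:value.index("]")] if "]" in value else value
    elif value.count(":") == 1:  # "host:port"
        host = value.split(":", 1)[0]
    else:  # plain host, IPv4 literal, or bare IPv6 literal without port
        host = value
    return host in WILDCARD_HOSTS


@dataclass
class ExposureReport:
    reachable: bool
    anonymous_model_listing: bool
    models: List[str] = field(default_factory=list)
    note: str = ""


def assess_tags_response(status: int, body: bytes) -> ExposureReport:
    """Interpret the reply to an unauthenticated GET /api/tags.

    HTTP 200 with a "models" array means anyone who can reach the port can list,
    run, pull, push and delete models. A 401/403 can only come from something in
    front of Ollama (a reverse proxy), since Ollama itself never authenticates.
    """
    if status in (401, 403):
        return ExposureReport(True, False, note="authentication required (proxy in front)")
    if status != 200:
        return ExposureReport(True, False, note=f"unexpected HTTP {status}")
    try:
        data = json.loads(body)
    except (json.JSONDecodeError, UnicodeDecodeError):
        return ExposureReport(True, False, note="port answers, but not with Ollama JSON")
    if not isinstance(data, dict) or "models" not in data:
        return ExposureReport(True, False, note="no 'models' key; probably not Ollama")
    models = [m.get("name", "?") for m in data["models"] if isinstance(m, dict)]
    return ExposureReport(True, True, models=models, note="API open to anonymous callers")


def probe(base_url: str, timeout: float = 5.0) -> ExposureReport:
    """Send the unauthenticated GET /api/tags to base_url and classify the answer."""
    req = urllib.request.Request(f"{base_url.rstrip('/')}/api/tags", method="GET")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return assess_tags_response(resp.status, resp.read())
    except urllib.error.HTTPError as err:
        return assess_tags_response(err.code, err.read())
    except (urllib.error.URLError, OSError) as err:
        return ExposureReport(False, False, note=f"not reachable: {err}")


# Constructed sample of a /api/tags body, in Ollama's documented shape
# (not captured from a real host).
SAMPLE_TAGS_BODY = json.dumps({
    "models": [
        {"name": "llama3:latest", "model": "llama3:latest"},
        {"name": "internal-finetune:v2", "model": "internal-finetune:v2"},
    ]
}).encode()


if __name__ == "__main__":
    import os
    import sys
    print("OLLAMA_HOST binds all interfaces:",
          bind_is_network_exposed(os.environ.get("OLLAMA_HOST")))
    target = sys.argv[1] if len(sys.argv) > 1 else "http://127.0.0.1:11434"
    print(probe(target))
```

Run it on the Ollama host itself and then from another machine on the network against http://<host>:11434; if the second run reports "API open to anonymous callers" and lists your models, the service is exposed exactly as the warning describes. A 401 or 403 from the same request means a proxy is enforcing authentication; a connection error means the port is filtered or the service is bound to loopback.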