PandasAI Prompt Injection Vulnerability Leading to Remote Code Execution

A prompt injection vulnerability has been identified in PandasAI, an open-source Python library that facilitates natural language processing and data analysis. This vulnerability allows attackers to inject malicious Python code into prompts, which the library's large language model (LLM) can execute. As a result, arbitrary code execution is possible, potentially compromising the system running PandasAI. The issue arises from the library's failure to properly separate code from data in its interactive prompt function, trusting all code generated by the LLM.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the system where PandasAI is running, potentially leading to a complete compromise of that environment.

Remediation

Users can update to PandasAI version 2.4.4 or later, where this vulnerability has been addressed. Additionally, SinaptikAI has introduced a Security parameter in the configuration file, allowing users to select from three security configurations: Standard, Advanced, or None. More information can be found in the PandasAI documentation.