Hundreds of MCP Servers at Risk of RCE and Data Leaks – Source: www.infosecurity-magazine.com

Source: www.infosecurity-magazine.com

A growing number of AI-linked servers known as Model Context Protocol (MCP) servers have been observed to be misconfigured and vulnerable to serious security threats, according to new research.

An analysis by Backslash Security revealed that hundreds of these systems could expose users to data breaches and remote code execution (RCE) attacks.

MCP servers, first introduced in late 2024, allow AI applications to access external or private data that was not part of their training data. These servers have quickly become a key part of many organizations’ AI infrastructure, with over 15,000 now in use worldwide. However, their rapid adoption has outpaced secure deployment practices.

“It’s like the arms race as to how many APIs can I enable to be accessible via AI to give an immediate uplift in functionality,” said James Sherlow, systems engineering director, EMEA at Cequence Security.

“However, MCPs are proxies and can inadvertently obfuscate the client-side actor.”

The analysis covered more than 7000 MCP servers currently accessible on the public Web.

Of these, hundreds were found to be exposed to anyone on the same local network due to a vulnerability dubbed “NeighborJack,” and around 70 had severe flaws, including unchecked input handling and excessive permissions.

In several cases, both issues were present, which could allow an attacker to completely take over the host machine.

The research team also highlighted that MCPs can be used in context poisoning attacks, where the data that large language models (LLMs) rely on is tampered with, leading to manipulated outputs.

No malicious MCPs were identified during the study; however, many were left unprotected due to poor setup or a lack of authentication.

To address the growing risks, Backslash Security has introduced the MCP Server Security Hub, a searchable database evaluating the security posture of over 7000 MCP servers. A free self-assessment tool is also available to audit “vibe coding” environments.

Backslash recommends several precautions to defend against similar threats:

  • Limit access to local network interfaces (127.0.0.1)

  • Validate all external inputs

  • Restrict file system access to necessary directories

  • Avoid exposing internal logs or secrets in AI responses

  • Implement strict authentication and access controls
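As an added illustration, not Backslash’s or any MCP project’s code, the following Python sketch applies the five recommendations to a single MCP-style “read_file” tool handler: loopback-only binding, input validation, path confinement, secret redaction in responses and a bearer-token check. The ALLOWED_ROOT directory, the MCP_TOKEN environment variable and the tool name are assumptions.

```python
# Added example (not Backslash's or any MCP project's code). ALLOWED_ROOT, the
# MCP_TOKEN environment variable and the "read_file" tool name are assumptions.
import hmac
import os
import re
import secrets
from pathlib import Path

ALLOWED_ROOT = Path("/srv/mcp/data").resolve()   # assumed data directory
API_TOKEN = os.environ.get("MCP_TOKEN") or secrets.token_urlsafe(32)
SECRET_RE = re.compile(r"(?i)\b(api[_-]?key|token|password|secret)(\s*[=:]\s*)\S+")

def bind_is_local(host: str) -> bool:
    """A bind on a non-loopback interface (e.g. 0.0.0.0) exposes the server to
    the whole LAN, the 'NeighborJack' condition; only loopback is acceptable."""
    return host in ("127.0.0.1", "::1", "localhost")

def check_auth(headers: dict) -> bool:
    """Bearer-token check using a constant-time comparison."""
    presented = headers.get("Authorization", "").strip()
    if presented.startswith("Bearer "):
        presented = presented[len("Bearer "):]
    return hmac.compare_digest(presented.encode(), API_TOKEN.encode())

def resolve_safe_path(user_path: str, root: Path = ALLOWED_ROOT) -> Path:
    """Validate the argument and confine the resolved path to root ('..', absolute paths and escaping symlinks are rejected)."""
    if not isinstance(user_path, str) or "\x00" in user_path or len(user_path) > 4096:
        raise ValueError("invalid path argument")
    candidate = (root / user_path).resolve()
    if candidate != root and root not in candidate.parents:
        raise PermissionError("path outside allowed root")
    return candidate

def redact(text: str) -> str:
    """Mask key/token/password values before they reach the model's context."""
    return SECRET_RE.sub(r"\1\2[REDACTED]", text)

def read_file_tool(headers: dict, args: dict, root: Path = ALLOWED_ROOT) -> dict:
    """Tool entry point: authenticate, confine the path, read, redact; error text stays generic."""
    if not check_auth(headers):
        return {"error": "unauthorized"}
    try:
        target = resolve_safe_path(args.get("path", ""), root)
        content = target.read_text(errors="replace")
    except (ValueError, PermissionError) as exc:
        return {"error": str(exc)}
    except OSError:
        return {"error": "file not readable"}
    return {"content": redact(content)}
```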

Without clear standards and stronger safeguards, the rapid expansion of MCP servers may continue to introduce hidden risks into AI environments.

Original Post URL: https://www.infosecurity-magazine.com/news/mcp-servers-risk-rce-data-leaks/
