Amazon Rufus Guardrail Jailbreak via ASCII Integer Encoding
Case GUID: f48a25fc-5801-4712-8c79-a969dfac3253Summary
A guardrail jailbreak vulnerability has been discovered affecting Amazon Rufus. The specific flaw manifests through encoding the nefarious query into ASCII integer code format, thereby allowing the attacker to bypass inference restrictions around providing information hazards and violating laws.
Metadata
Social Impact Score
Level 3: Significant Risk
Violations at this level present a tangible risk to public safety or social well-being, often related to dangerous but not highly restricted content.
Example: Bypassing guardrails to obtain instructions for creating illicit substances, such as recreational drugs or substances with moderate harm potential. Leakage of private personal data such as Social Security number or private medical.
Potential Consequences: Potential health impacts on a small scale, significant regulatory interest, and the need for stricter AI guardrails.
Taxonomies
About 0Din.ai
The 0Day Investigative Network (0Din) was founded by Mozilla in 2024 to reward responsible researchers for their efforts in securing GenAI models. Learn more and submit discoveries at https://0din.ai.
Severity
Low
Security Boundary
Prompt Injection
Models
Amazon Rufus
Published On
2025-02-10 (about 2 months)
Credit
0Din Team