# GPT-4 Can Exploit Real Vulnerabilities by Reading Advisories

May 2, 2024

—

GPT-4: A Cleaner Look at AI’s Role in Cybersecurity

Researchers analyze AI’s ability to identify security flaws.

In a recent analysis, researchers have determined that GPT-4, an advanced large language model, has the potential to pinpoint and utilize known security vulnerabilities by examining CVE (Common Vulnerabilities and Exposures) advisories. This application of AI technology demonstrates a notable advantage over both existing models and widely-used open-source vulnerability scanners. It is highlighted that, compared to hiring a professional human for penetration testing, implementing GPT-4 for the same purpose significantly reduces costs. Nonetheless, the research indicates that merely restricting access to security data will not act as an effective deterrent against AI-operated threats. Experts expect upcoming AI models to showcase even more refined capabilities in this domain.