Skip to content
Longterm Wiki
Back

Research from the University of Illinois

web
ibm.com·ibm.com/think/insights/chatgpt-4-exploits-87-percent-one-...

Key empirical evidence that frontier LLMs lower the barrier to cyberattacks; relevant to AI risk assessments, deployment policy debates, and discussions of capability thresholds for dangerous use.

Metadata

Importance: 72/100news articlenews

Summary

This IBM Think article summarizes University of Illinois research demonstrating that GPT-4 can autonomously exploit 87% of 'one-day' (recently disclosed but unpatched) cybersecurity vulnerabilities when given CVE descriptions. The finding highlights the dual-use risk of advanced LLMs as tools for automated cyberattacks, requiring only publicly available vulnerability information to achieve high exploitation rates.

Key Points

  • GPT-4 successfully exploited 87% of one-day vulnerabilities in controlled tests when provided CVE descriptions.
  • The research used real-world CVEs, showing LLMs can translate public vulnerability disclosures into working exploits.
  • Weaker models (GPT-3.5, open-source LLMs) performed significantly worse, suggesting capability thresholds matter for cyber risk.
  • Findings raise urgent questions about responsible disclosure timelines and LLM access controls in security contexts.
  • Demonstrates that frontier AI models represent a qualitative leap in the accessibility of cyberattack capabilities.

Cited by 1 page

PageTypeQuality
Cyberweapons RiskRisk91.0

Cached Content Preview

HTTP 200Fetched Mar 20, 202614 KB
[Skip to content](https://www.ibm.com/think/insights/chatgpt-4-exploits-87-percent-one-day-vulnerabilities#main-content)[IBM logo](https://www.ibm.com/)

Software

Infrastructure

[Consulting](https://www.ibm.com/consulting?lnk=L0G)Support

[Overview](https://www.ibm.com/mysupport/s/?language=en_US&lnk=flathl)[Community](https://community.ibm.com/community/user/community?lnk=flathl)[Developer](https://developer.ibm.com/?lnk=flathl)[Documentation](https://www.ibm.com/docs/en?lnk=flathl)[IBM Cloud platform](https://www.ibm.com/products/cloud/support?lnk=flathl)[Implementation](https://www.ibm.com/products/expertlabs?lnk=flatitem)[Training](https://www.ibm.com/training/?lnk=flathl)[Technology Lifecycle Services](https://www.ibm.com/services/technology-lifecycle-services?lnk=flathl)[Think 2026](https://www.ibm.com/events/think)

[Cart](https://www.ibm.com/store/en/us/checkout)

My IBM
Log in


[Think](https://www.ibm.com/think)

- [Artificial intelligence](https://www.ibm.com/think/artificial-intelligence)
- [Cloud](https://www.ibm.com/think/cloud)
- [Security](https://www.ibm.com/think/security)
- [News](https://www.ibm.com/think/news)
- Videos






  - [Overview](https://www.ibm.com/think/videos)
  - [AI Academy](https://www.ibm.com/think/videos/ai-academy)
  - [Think 2025 on demand](https://www.ibm.com/think/videos/think-keynotes)
  - [Webinars](https://www.ibm.com/think/webinars)

- Reports






  - [Cost of a Data Breach Report 2025](https://www.ibm.com/reports/data-breach)
  - [The 2025 CEO Study](https://www.ibm.com/thought-leadership/institute-business-value/c-suite-study/ceo)
  - [IBM X-Force 2025 Threat Intelligence Index](https://www.ibm.com/thought-leadership/institute-business-value/report/2025-threat-intelligence-index)
  - [Industries in the AI era](https://www.ibm.com/thought-leadership/institute-business-value/report/industries-ai-era)
  - [Orchestrating agentic AI for intelligent business operations](https://www.ibm.com/thought-leadership/institute-business-value/report/agentic-process-automation)
  - [Scaling supply chain resilience: Agentic AI for autonomous operations](https://www.ibm.com/thought-leadership/institute-business-value/report/supply-chain-ai-automation-oracle)
  - [AI in Action report](https://www.ibm.com/think/reports/ai-in-action)
  - [State of Sustainability Readiness Report](https://www.ibm.com/think/reports/sustainability-readiness)
  - [View all IBV reports](https://www.ibm.com/thought-leadership/institute-business-value)

- Podcasts






  - [Overview](https://www.ibm.com/think/podcasts)
  - [AI in Action](https://www.ibm.com/think/podcasts/ai-in-action)
  - [Mixture of Experts](https://www.ibm.com/think/podcasts/mixture-of-experts)
  - [Security Intelligence](https://www.ibm.com/think/podcasts/security-intelligence)
  - [Smart Talks with IBM](https://www.ibm.com/think/podcasts/smart-talks)
  - [Techsplainers](https://www.ibm.com/think/podcasts/techsplainers)
  - [The Coherence Times](https://www.ibm.com/th

... (truncated, 14 KB total)
Resource ID: 674736d5e6082df6 | Stable ID: ODE2NDkxNT