2025-07-01 –, Room 2
As AI workloads migrate to the cloud, Cloud Service Providers are rapidly evolving their GPU offerings. These multi-tenant environments are often built on NVIDIA Container Toolkit, the industry-standard framework for running GPU-based containerized apps. In this talk, we will show you how a single vulnerability in this fundamental framework impacted the entire CSP ecosystem – and how each environment handled a brand-new 0-day vulnerability.
We’ll walk through our discovery of a container escape vulnerability in this foundational layer of GPU infrastructure, and its real-life implications across 3 different cloud providers: Azure, DigitalOcean, and Replicate. Each case began with a standard customer workload running our exploit – but the outcomes varied widely. One led to minor impact; another with lateral movement that triggered blue teamers; and one resulted in complete service takeover.
Join us to gain a firsthand look on how major cloud providers build their environments, and the anatomy of a container escape vulnerability in the wild. Finally, learn how to build stronger guardrails in the cloud, by examining the flaws and misconfigurations we were able to exploit.
Hillai Ben-Sasson (@hillai) is a Security Researcher based in Israel. As part of the Wiz Research Team, Hillai specializes in research and exploitation of web applications, application security, and finding vulnerabilities in complex high-level systems. Hillai is a frequent speaker in security conferences and has been recognized in MSRC's Most Valuable Researchers leaderboard.
Andres is an application and cloud security expert with deep expertise in offensive security and Internet-scale vulnerability research. He has worked extensively as an application security consultant, founded a security consultancy firm, and led web security initiatives as Director at Rapid7, where he contributed to advancing vulnerability scanning capabilities.
Over the years, he has authored multiple open-source tools focused on web and cloud security, which have been widely adopted by the security community and featured in international security conferences.
Currently, Andres is part of the Vulnerability Research team at Wiz, specializing in cloud security and large-scale vulnerability discovery.