Friday, December 12, 2025

Uncovered MCP Server Vulnerabilities: How to Address New AI Threats

In late 2024, Anthropic introduced the Model Context Protocol (MCP), a groundbreaking standard for connecting Large Language Models (LLMs) to various data sources and APIs. While MCP simplifies these connections, its optional authorization feature has raised security concerns. Many servers are exposed online without authorization, so anyone who finds them can reach the sensitive data and tools behind them, with serious consequences if that access is exploited.

Our research uncovered around 1,000 exposed MCP servers that lack authorization, highlighting a critical oversight in deployment. These unsecured servers can expose databases, third-party APIs, and even allow remote code execution, posing severe risks.

Organizations using MCP must prioritize security. Avoid exposing servers to the internet unless necessary, and when doing so, implement robust authorization, such as OAuth 2.1, to safeguard against malicious exploitation. As the adoption of MCP increases, awareness and adherence to security best practices will be crucial to mitigate risks effectively.
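To make the last recommendation concrete, here is an added Python example (not code from the original post or from the MCP project) of the bearer-token gate an MCP server exposed over HTTP would put in front of every request: unauthenticated or invalid requests get a 401 with a WWW-Authenticate challenge pointing at the server's protected-resource metadata, and tokens are only accepted if their signature, expiry and audience check out. The HMAC demo signer, the key, and the example URLs are constructed stand-ins for a real OAuth 2.1 authorization server and are assumptions, not values from the page.

```python
import base64, hashlib, hmac, json, time

# Constructed demo values (assumptions, not from the post): a real deployment verifies
# tokens issued by its OAuth 2.1 authorization server, normally with asymmetric keys.
DEMO_SECRET = b"demo-signing-key"
RESOURCE_ID = "https://mcp.example.test/mcp"  # this server's identifier (expected audience)
RESOURCE_METADATA_URL = "https://mcp.example.test/.well-known/oauth-protected-resource"

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mint_demo_token(claims: dict, key: bytes = DEMO_SECRET) -> str:
    """Stand-in for the authorization server: compact HS256-style token over the claims."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"

def validate_token(token: str, now=None, key: bytes = DEMO_SECRET):
    """Return the claims only if signature, expiry and audience all check out, else None."""
    now = time.time() if now is None else now
    try:
        header, body, sig = token.split(".")
        # The header's "alg" is ignored on purpose: the verifier fixes the algorithm itself.
        expected = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig)):
            return None  # forged, tampered, or issued by someone else
        claims = json.loads(_b64url_decode(body))
    except ValueError:  # malformed token: bad base64 and bad JSON both raise ValueError subclasses
        return None
    if not isinstance(claims, dict) or claims.get("exp", 0) <= now:
        return None  # not a claims object, or expired
    if claims.get("aud") != RESOURCE_ID:
        return None  # minted for another service; audience binding stops cross-service replay
    return claims

def authorize_mcp_request(headers: dict):
    """Gate one MCP HTTP request: 401 with a WWW-Authenticate challenge unless a valid bearer token is present."""
    challenge = {"WWW-Authenticate": f'Bearer resource_metadata="{RESOURCE_METADATA_URL}"'}
    auth = headers.get("Authorization", "")
    claims = validate_token(auth[len("Bearer "):]) if auth.startswith("Bearer ") else None
    if claims is None:
        return 401, challenge
    return 200, {"subject": claims.get("sub")}
```

The audience check is the part most often skipped: without it, a token legitimately issued for some other service can be replayed against the MCP server.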
