AI Tools Exploit Vulnerabilities in CBSE Portals, Prompting Security Review
Severity: High (Score: 64.5)
Sources: Techlusive.In, M.Economictimes
Keywords: cbse, claude, panel, cyber, attack, spotlight, tools
Severity indicators: ot, cyber attack
Summary
A panel from IIT Madras and IIT Kanpur discovered that AI tools, including Claude, were used to identify vulnerabilities in the CBSE's on-screen marking (OSM) portal. This breach raised concerns about the security knowledge of the vendor responsible for the system. Following the findings, sensitive data was transferred to a government-controlled AWS segment to mitigate risks. The review was initiated due to complaints from students regarding issues with answer sheet scans and portal performance. The IIT experts are conducting a comprehensive evaluation of CBSE's IT ecosystem, with a report expected to recommend improvements. The incident has drawn attention from cybersecurity agencies like CERT-In and the Ministry of Electronics and Information Technology. The scope of the impact extends to other examination platforms, including JEE Advanced, amid ongoing security checks.
Key Points:
- AI tools, including Claude, exploited vulnerabilities in CBSE's OSM portal.
- Sensitive data was moved to a government-controlled AWS segment for security.
- A comprehensive review of CBSE's IT systems is underway, involving IIT experts.
Detailed Analysis
**Impact** The Central Board of Secondary Education (CBSE) and its examination-related portals, including the On-Screen Marking (OSM) platform, were affected by vulnerabilities exploited using AI tools like Anthropic’s Claude. Millions of students across India rely on these systems for answer sheet scans, marks, admissions, and personal data, placing sensitive educational and personal information at risk. Operational disruptions included blurry or missing scanned answer sheets, incorrect totalling, slow portal performance, and payment failures during re-evaluation processes. The breach also prompted security reviews of related platforms such as JoSAA and JEE Advanced.
**Technical Details** AI models, particularly Claude, were used to identify security weaknesses in CBSE’s OSM portal, indicating inadequate vendor security practices. Exploitation allowed unauthorized access to parts of the platform, leading to data being migrated to a government-controlled AWS environment. The exact CVEs or malware used were not disclosed. The incident involved reconnaissance and exploitation stages of the kill chain, leveraging AI-driven vulnerability discovery. No specific IOCs were provided in the available reports.
**Recommended Response** Immediate actions include completing the ongoing comprehensive security review by IIT teams and implementing their recommendations. Harden configurations of examination portals, especially OSM, JoSAA, and JEE Advanced, focusing on access controls and vulnerability patching. Deploy enhanced monitoring for abnormal access patterns and AI-driven probing activities. Coordinate with CERT-In and MeitY for threat intelligence sharing and incident response support. Further technical details are needed to define specific patching or detection rules.
Source articles (2)
- Claude, other AI tools used to breach CBSE portals: IIT Panel — M.Economictimes · 2026-06-03
AI tools like Claude were used to find vulnerabilities in CBSE's on-screen marking portal, revealing the vendor's inadequate security knowledge. Following this, data was moved to a government-controll…
- CBSE Cyber Attack: Claude AI under spotlight as IIT experts review CBSE's tech ecosystem — Techlusive.In · 2026-06-04
CBSE Cyber Attack: To the unexpected, Anthropic’s Claude AI came into the spotlight as an expert panel investigated the CBSE portal controversy. As per a report by The Economic Times, an expert panel…
Timeline
- 2026-06-03 — IIT panel discovers AI tools exploited CBSE portals: An expert panel from IIT Madras and IIT Kanpur found that AI tools were used to breach the CBSE's OSM portal, revealing security inadequacies.
- 2026-06-04 — Techlusive reports on CBSE cyber attack investigation: Techlusive highlighted that the IIT-led team is reviewing CBSE's tech systems after vulnerabilities were identified, with a report expected soon.