Impact
A flaw in AutoGPT’s StepThroughItemsBlock allows an attacker to repeatedly iterate through a list of items and trigger FileStoreBlock to download each item individually, even when the files are small. Because StepThroughItemsBlock imposes no limit on the number of iterations and FileStoreBlock does not enforce a disk‑space quota, an attacker can repeatedly download large files until the working directory consumes all available disk capacity. This resource exhaustion leads to a denial of service where the system becomes unresponsive or crashes. The weakness is a classic CWE‑400 resource‑exhaustion flaw.
Affected Systems
All instances of Significant‑Gravitas AutoGPT versions earlier than 0.6.63 are affected. The vulnerability is present in the default installation and any user‑configured AutoGPT agent that includes StepThroughItemsBlock without constraints.
Risk and Exploitability
The CVSS score of 8.7 indicates a high severity vulnerability. No EPSS score is available, and the issue is not listed in the CISA KEV catalog. Based on the description, it is inferred that the attack vector likely involves an adversary being able to influence the AutoGPT workflow—either by crafting a malicious agent or by manipulating an existing workflow to create a loop of file downloads. Once the attacker can control the loop, the absence of a disk‑space quota allows the system to be depleted until exhaustion, resulting in a denial of service. Given the high severity and lack of mitigation, the threat level is serious.
OpenCVE Enrichment