He’s not a programmer, not a pentester, and not even a human — but he found a 0day in a Windows library.
AI bug hunters will soon take jobs from real specialists.
A new stage in vulnerability automation has been reached thanks to the integration of the chatbot Claude with reverse engineering tools. A team of specialists from TrustedSec implemented a unique approach where artificial intelligence is used to discover previously unknown vulnerabilities in signed Microsoft binary files. This could fundamentally change the way cybersecurity experts analyze code and identify threats.
In the course of the research, Claude was trained to work with the Model Context Protocol (MCP) and analyze .NET assemblies fully automatically. To do this, the developers set up a custom MCP server using ilspycmd — a decompilation tool for .NET — inside a Docker container. This allowed them to avoid manual analysis and give AI access to the full structure of the assemblies, including private methods and internal calls.
The result of the experiment was not just the discovery of potential weak spots but also the construction of full exploit chains, up to generating working code that proves the vulnerability.
One of the key cases was the "System.AddIn.dll" library, which is shipped with Windows. Claude identified a critical vulnerability related to unsafe use of BinaryFormatter in the "AddInStore.cs" file. The ReadCache and WriteCache methods performed serialization and deserialization without proper checks, opening the door for attacks through specially crafted cache files.
Although the vulnerability itself had already been described earlier, it was used in the experiment as a test of the depth of analysis. AI not only confirmed its presence but also accurately identified all possible exploitation paths, including the -addinroot and -pipelineroot parameters in the "AddinUtil.exe" utility, which could lead to arbitrary code execution.
What was particularly impressive was that Claude was able to trace the execution flow step-by-step, from user input to the invocation of the vulnerable Deserialize(). He indicated that the dangerous code segment is triggered via the AddInStore.Update() or AddInStore.Rebuild() methods, which then lead to GetPipelineDeploymentState(), where the unsafe deserialization occurs.
The AI also demonstrated a full understanding of the binary file format. It generated a Python script that created the correct directory structure (HostSideAdapters, Contracts, AddInSideAdapters, AddInViews) and added the "PipelineSegments.store" file with the required 12-byte header expected by the ReadCache method. The result of running the exploit was successful arbitrary code execution through "AddinUtil.exe."
Thus, Claude demonstrated not only the ability to find vulnerabilities but also to create working exploit chains with minimal human involvement. This significantly changes the paradigm in software analysis: from manual code review to large-scale and deep analysis using artificial intelligence.
This approach opens a new era in hunting for zero-day vulnerabilities in corporate and critical systems. With growing pressure on cybersecurity teams and the need for faster vulnerability discovery, such a tool could become a catalyst for scalable and deep automation in software security.
