Home / Technology / Tech News / China asks users to update Claude Code over 'backdoor' security risk
China asks users to update Claude Code over 'backdoor' security risk
China's National Vulnerability Database alleged that certain versions of Anthropic's AI coding tool may transmit sensitive user information without consent and advised users to update or uninstall it
The warning applies to Claude Code versions 2.1.91 through 2.1.196 | Image: Bloomberg
A cybersecurity platform operated by China's industry ministry warned on Wednesday that it had identified a serious security "backdoor" risk in Anthropic's AI coding tool, Claude Code.
In a statement posted on its WeChat account, the National Vulnerability Database (NVDB) said Claude Code contains a built-in monitoring mechanism capable of transmitting sensitive information, including users' geographic location and identity-related identifiers, to remote servers without users' consent.
The warning applies to Claude Code versions 2.1.91 through 2.1.196.
NVDB advised that organizations and users should immediately review affected systems and either uninstall the impacted versions or upgrade to the latest secure release in which the alleged backdoor code has been removed.
It also urged organizations to tighten controls on external network access for development tools and strengthen traffic monitoring on core business networks to prevent the unauthorized transfer of sensitive data.
China's Alibaba has banned employees from using Claude Code at work after the tool drew scrutiny for features that can help identify China-linked users, Reuters reported last week.
Anthropic did not immediately reply to a Reuters request for comment.
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)