Security News > 2024 > July > SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks

Cybersecurity researchers have uncovered security shortcomings in SAP AI Core cloud-based platform for creating and deploying predictive artificial intelligence workflows that could be exploited to get hold of access tokens and customer data.

"The vulnerabilities we found could have allowed attackers to access customers' data and contaminate internal artifacts - spreading to related services and other customers' environments," security researcher Hillai Ben-Sasson said in a report shared with The Hacker News.

They could also be used to modify Docker images on SAP's internal container registry, SAP's Docker images on the Google Container Registry, and artifacts hosted on SAP's internal Artifactory server, resulting in a supply chain attack on SAP AI Core services.

The access could be weaponized to gain cluster administrator privileges on SAP AI Core's Kubernetes cluster by taking advantage of the fact that the Helm package manager server was exposed to both read and write operations.

As a result, a threat actor could create a regular AI application on SAP AI Core, bypass network restrictions, and probe the Kubernetes Pod's internal network to obtain AWS tokens and access customer code and training datasets by exploiting misconfigurations in AWS Elastic File System shares.

"Regulated data makes up more than a third of the sensitive data being shared with generative AI applications - presenting a potential risk to businesses of costly data breaches," the company said.

News URL

https://thehackernews.com/2024/07/sap-ai-core-vulnerabilities-expose.html