{"id":165888,"date":"2024-07-18T14:18:45","date_gmt":"2024-07-18T14:18:45","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=165888"},"modified":"2024-07-18T14:18:47","modified_gmt":"2024-07-18T14:18:47","slug":"sap-ai-core-sapwned","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/165888\/hacking\/sap-ai-core-sapwned.html","title":{"rendered":"SAPwned flaws in SAP AI core could expose customers’ data"},"content":{"rendered":"

Researchers discovered security flaws in the SAP AI Core cloud-based platform that could expose customers’ data.

Cybersecurity researchers at Wiz uncovered five security flaws, collectively tracked as SAPwned, in the SAP AI Core cloud-based platform. An attacker can exploit the flaws to obtain access tokens and customer data.

SAP AI Core, developed by SAP, is a cloud-based platform providing the essential infrastructure and tools for constructing, managing, and deploying predictive AI workflows.

The researchers focused on the security risks associated with AI training services that require access to sensitive customer data. The security firm found that by executing legitimate AI training procedures together with arbitrary code, it could gain extensive access to customers’ private data and credentials across various cloud services. The researchers demonstrated that they could read and modify Docker images and artifacts, and gain administrator privileges on SAP’s Kubernetes cluster. These vulnerabilities potentially allowed attackers to access and contaminate customer environments and related services.

“Our research into SAP AI Core began through executing legitimate AI training procedures using SAP’s infrastructure. By executing arbitrary code, we were able to move laterally and take over the service – gaining access to customers’ private files, along with credentials to customers’ cloud environments: AWS, Azure, SAP HANA Cloud, and more,” reads the report published by Wiz. “The vulnerabilities we found could have allowed attackers to access customers’ data and contaminate internal artifacts – spreading to related services and other customers’ environments.”

\"SAP<\/a><\/figure>\n\n\n\n

The researchers explained that they were able to run malicious AI models and training procedures, and they urge the industry to improve its isolation and sandboxing standards when running AI models.

Wiz reported the flaws to SAP on January 25, 2024, and the company fixed them by May 15, 2024.

“Researchers also highlighted that threat actors could gain cluster administrator privileges on SAP AI Core’s Kubernetes cluster by exploiting the exposed Helm package manager server. Once attackers have obtained this access, they can steal sensitive data from other customers’ Pods, interfere with AI data, and manipulate models’ inference,” concludes the report. “Additionally, attackers could create AI applications to bypass network restrictions and exploit AWS Elastic File System (EFS) misconfigurations, obtaining AWS tokens and accessing customer code and training datasets.”

Pierluigi Paganini


(SecurityAffairs – hacking, SAP AI Core)","protected":false},"excerpt":{"rendered":"

Researchers discovered security flaws in\u00a0SAP AI Core\u00a0cloud-based platform that could expose customers’ data. Cybersecurity researchers at Wiz uncovered five security flaws, collectively tracked as SAPwned, in the SAP AI Core cloud-based platform. An attacker can exploit the flaws to obtain access tokens and customer data. SAP AI Core, developed by SAP, is a cloud-based platform providing the […]<\/p>\n","protected":false},"author":1,"featured_media":165901,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3323,5],"tags":[88,4112,9508,9506,10918,30,687,3756,15230,15231,841,1533],"class_list":["post-165888","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking-news","category-hacking","tag-cybercrime","tag-hacking","tag-hacking-news","tag-information-security-news","tag-it-information-security","tag-malware-2","tag-pierluigi-paganini","tag-sap","tag-sap-ai-core","tag-sapwned","tag-security-affairs","tag-security-news"],"yoast_head":"