Security researchers recently discovered vulnerabilities, known as “SAPwned,” in the SAP AI Core platform [2]; SAP promptly addressed them. These vulnerabilities exposed customer data to cyber attacks and allowed unauthorized access to private artifacts and credentials in cloud environments.
Description
The vulnerabilities in the SAP AI Core platform allowed attackers to modify Docker images on internal container registries, potentially leading to a supply chain attack [2] [8]. Additionally, attackers could gain cluster administrator privileges on Kubernetes clusters [1] [2] [3] [4] [5] [6] [7] [8] [9], facilitating data theft and AI model manipulation. The lack of proper isolation and sandboxing mechanisms in the platform enabled malicious AI models and training procedures to be executed [7], highlighting the need for stronger tenant isolation environments in the AI services industry. Threat actors could exploit misconfigurations in AWS Elastic File System shares to access client code and training datasets.
A cybercrime group known as NullBulge has targeted AI and gaming entities [5], stealing confidential data and selling OpenAI API keys on underground forums [5]. Its weaponizing of code from public repositories [5] underscores the importance of running AI models from trusted sources and properly separating external models from sensitive infrastructure [7]. It is crucial for AI service providers to verify their tenant isolation architecture and adhere to best practices [7].
Conclusion
Organizations are implementing blocking controls, DLP tools [5], and real-time coaching to mitigate risks associated with the vulnerabilities in the SAP AI Core platform. The impact of these vulnerabilities underscores the importance of strengthening tenant isolation environments in the AI services industry. Moving forward, it is essential for individuals to be cautious when running AI models and for service providers to prioritize security measures to prevent future cyber attacks.
References
[1] https://securityaffairs.com/165888/hacking/sap-ai-core-sapwned.html
[2] https://cyber.vumetric.com/security-news/2024/07/18/sap-ai-core-vulnerabilities-expose-customer-data-to-cyber-attacks/
[3] https://thehackernews.com/2024/07/sap-ai-core-vulnerabilities-expose.html
[4] https://www.wiz.io/blog/sapwned-sap-ai-vulnerabilities-ai-security
[5] https://innovatopia.jp/cyber-security/cyber-security-news/39811/
[6] https://www.infosecurity-magazine.com/news/sap-ai-core-expose-customer-data/
[7] https://www.xpoint.cl/vulnerabilidad/vulnerabilidades-en-sap-ai-core-exponen-datos-de-clientes-a-ciberataques/
[8] https://vulners.com/thn/THN:41777ACF54EF6C1238B4B513365FF801
[9] https://www.csoonline.com/article/2520751/sap-security-holes-raise-questions-about-the-rush-to-ai.html