SAP's AI Core platform has some worrying security flaws, so patch now


SAP’s AI Core platform carried multiple vulnerabilities that allowed threat actors to steal access tokens and sensitive customer information, experts have warned.

AI Core is a service in the SAP Business Technology Platform that runs and operates predictive artificial intelligence (AI) workflows in a standardized and scalable way. It was built to integrate seamlessly with other SAP solutions, and it allows any AI function to be realized using open-source frameworks.

In total, Wiz discovered five flaws, gave them the umbrella name SAPwned, and explained how threat actors could leverage them.

No victims (yet)

"The vulnerabilities we found could have allowed attackers to access customers' data and contaminate internal artifacts – spreading to related services and other customers' environments," they told The Hacker News.

In other words, attackers could have stolen the credentials for customers' Amazon Web Services (AWS) instances, Microsoft Azure, and SAP HANA Cloud.

Furthermore, the vulnerabilities allowed attackers to modify Docker images or artifacts on the SAP Artifactory, an ability that could have been used in supply chain attacks. Finally, SAPwned could have been leveraged to gain admin access to SAP AI Core’s Kubernetes cluster. "Using this access level, an attacker could directly access other customers' Pods and steal sensitive data, such as models, datasets, and code," the researchers further stated. "This access also allows attackers to interfere with customers' Pods, taint AI data and manipulate models' inference."

The researchers tipped SAP off in late January 2024, and the company came back with a patch in mid-May. Wiz confirmed that no customer data was compromised through the flaws, suggesting that the researchers found the vulnerabilities before any malicious groups did.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.