Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,313
- Points
- 113
Hackers could gain access to confidential information.
The study, codenamed "SAPwned", identified serious vulnerabilities in the SAP AI Core system that allowed attackers to gain access to customers cloud environments and their confidential data.
Attackers were able to request and obtain the Loki configuration via the /config path, which led to the leak of AWS secrets needed to access the system. Additionally, large amounts of AI data, including code and training datasets sorted by client ID, were exposed through AWS Elastic File System (EFS) instances.
In addition, an unauthorized Helm server revealed Google access tokens and confidential customer information, which further increased the risk of compromising the system. The SAP access key provided additional opportunities for attacks, extending read and write access.
In the future, you need to ensure that there are strong barriers to prevent untrusted code from running in the same environment as other clients and internal resources.
Source
The study, codenamed "SAPwned", identified serious vulnerabilities in the SAP AI Core system that allowed attackers to gain access to customers cloud environments and their confidential data.
Attack stages
The main reason for the identified problems was the possibility of executing malicious AI models and training procedures, which are essentially code. Despite the security measures, two configuration parameters omitted by the SAP access controller allowed attackers to gain access to the Istiod cluster token, as well as bypass network restrictions.Attackers were able to request and obtain the Loki configuration via the /config path, which led to the leak of AWS secrets needed to access the system. Additionally, large amounts of AI data, including code and training datasets sorted by client ID, were exposed through AWS Elastic File System (EFS) instances.
Compromising internal systems
Internal Docker Registry and Artifactory systems were also compromised via an unauthenticated Helm server. This allowed attackers to view internal assemblies and images, which could lead to a leak of customer data and trade secrets. There was also a threat of attacks on the SAP AI Core supply chain, as attackers could change assemblies and images using the granted write access.In addition, an unauthorized Helm server revealed Google access tokens and confidential customer information, which further increased the risk of compromising the system. The SAP access key provided additional opportunities for attacks, extending read and write access.
Security measures
SAP acknowledged the existence of vulnerabilities and said that all of them were fixed by the company's security team. The company assured that there was no compromise of customer information. The impact of the attack could have been reduced by strengthening internal services, which would have reduced the severity of the incident from a complete service hijack to minor security issues.In the future, you need to ensure that there are strong barriers to prevent untrusted code from running in the same environment as other clients and internal resources.
Source
