Many companies using SAP systems ignore to be impacted by a 13-year-old security configuration that could expose their architecture to cyber attacks. According to the security firm Onapsis, 90 percent SAP systems were impacted by the vulnerability that affects SAP Netweaver and that can be exploited by a remote unauthenticated attacker who has network access […]
SAP released the April 2018 Security Patch Day, a collection of ten security patches that also address critical vulnerabilities in web browser controls in SAP Business Client. SAP also released 2 updates to previously released security notes, one note was rated Hot News, 4 were rated High Priority, and 7 were rated Medium Priority. The most […]
Security experts at ERPScan explained that chaining 2 flaws recently patched it is possible to hack SAP CRM systems and access sensitive data. Security experts at ERPScan discovered that chaining the exploits for two security vulnerabilities in SAP NetWeaver Application Server Java patched last month, an attacker can hack customer relationship management (CRM) systems. CRMs are […]
SAP released March 2018 SAP Security Patch Day that addresses High and Medium priority vulnerabilities in its products, including three decade-old issues in SAP Internet Graphics Server. March 2018 SAP Security Patch Day includes 10 Security Notes, three rated High priority and 7 rated as Medium priority. The company also released 17 Support Package Notes, 11 […]
SAP Security Notes â February 2018: SAP Security Notes February 2018 addressed several vulnerabilities including High-Risk flaws. SAP has released February 2018 Patches that addressed some high-risk vulnerabilities in its software, a total of 26 Security Notes (5 high-, 19 medium- and 2 low-risk). Once again, the missing authorization check is the most common vulnerability type this month. The […]
A $25 Raspberry Pi or similar tiny PCs could be used to hack SAP POS systems due to a critical vulnerability. SAP POS is client-server technology that belongs to the SAP for Retail line-up, it is widely adopted, it has been estimated that it is used by 80 per cent of the retailers in the Forbes […]
SAP issued the May 2017 Security Update that addresses 17 security Vulnerabilities. On Tuesday SAP released the May 2017 security update that addresses 17 vulnerabilities in its products, 9 of them were released on this Security Patch Day. “On 9th of May 2017, SAP Security Patch Day saw the release of 9 security notes. Additionally, there were […]
SAP has issued a security patch for the SAP TREX search engine that addresses also a two-years old critical vulnerability. SAP has issued a security patch for the SAP TREX search engine that addresses multiple vulnerabilities discovered by the experts in a 2015 patch released in December 2015. The SAP TREX search engine is used […]
A PricewaterhouseCoopers SAP software, the Automated Controls Evaluator (ACE), is affected by a critical security flaw that could be exploited by hackers. A software developed by PricewaterhouseCoopers for SAP systems, the Automated Controls Evaluator (ACE), is affected by a critical security flaw. The vulnerability was discovered by the security firm ESNC who analyzed the tool. The Automated Controls […]
Experts from ERPScan revealed that a SAP flaw patched in September still impacts more than 900 SAP systems exposed to the Internet. An information disclosure vulnerability in SAP that was patched in September impacts more than 900 SAP systems that are exposed to the Internet. According to the expert Sergiu Popa from Quenta Solutions who reported the […]