Security experts collected evidence that up to 36 global organizations have been hacked via exploits against an old flaw in SAP Business Applications A five-year-old flaw in SAP software is threatening business worldwide, at least 36 global organizations have been hacked via exploits used to trigger a vulnerability in SAP Business Applications. The flaw resides on […]
An attacker who manages to get access to a user’s configuration file for SAP Download Manager might be able to obtain the stored proxy password. Are you a SAP user? Do you use the SAP Download Manager that allows downloading of software packages and support notes? You urgently need to update it in order to fix […]
SAP fixed a vulnerability affecting SAP MII can be used as a starting point of multi-stage attacks aiming to get control over plant devices and manufacturing systems. SAP fixed a critical vulnerability in its application that could be exploited by hackers, especially nation-state actors, to compromise industrial manufacturing software. SAP issued a critical software update that […]
Security experts at ERPScan discovered a serious security issue in SAPâs in-memory relational database management system, HANA. The SAP in-memory relational database management system, HANA, is affected by a serious security issue, the static encryption key is stored in the database. The fact that the encryption key is static means that every SAP HANA installation […]
SAP products make use of a proprietary implementation of LZC and LZH compression algorithms that could be exploited by attackers in several ways. For the second time in a week, we are speaking about security vulnerabilities affecting SAP systems, recently I wrote about a study published by the Onapsis firm that revealed over 95% of SAP […]