Top

Tag: SAP


Threats & Malware, Vulnerabilities

SAP Patches Critical Vulnerabilities in Diagnostics Agent, BusinessObjects

April 12, 2023

Via: SecurityWeek

Of the 24 notes included in SAP’s security updates (PDF), five are rated ‘hot news’, the highest severity rating. Two of these are new notes and three are updates to previously released security notes. The most important of the new […]


Threats & Malware, Vulnerabilities

SAP’s First Security Updates for 2023 Resolve Critical Vulnerabilities

January 11, 2023

Via: Security Week

Four of the security notes rated ‘hot news’ – the highest severity rating in SAP’s books – are fresh notes addressing vulnerabilities in Business Planning and Consolidation MS, BusinessObjects, and NetWeaver, while the remaining three are updates to notes released […]


Threats & Malware, Vulnerabilities

SAP’s December 2022 Security Updates Patch Critical Vulnerabilities

December 14, 2022

Via: Security Week

With a CVSS score of 10, the most severe of SAP’s security notes updates a note released on April 2018 Patch Day, which deals with software updates for the Chrome-based browser in SAP Business Client. Over the past month, Google […]


Threats & Malware, Vulnerabilities

SAP Patches Critical Vulnerabilities in BusinessObjects, SAPUI5

November 9, 2022

Via: Security Week

There were also updates to two previously released notes. Three other security notes were released between the second Tuesday of October and the second Tuesday of November. Three of this month’s security notes are marked ‘hot news’, which represents the […]


Threats & Malware, Vulnerabilities

Most common SAP vulnerabilities attackers try to exploit

September 20, 2022

Via: CSO Online

Unpatched vulnerabilities, common misconfigurations and hidden flaws in custom code continue to make enterprise SAP applications a target rich environment for attackers at a time when threats like ransomware and credential theft have emerged as major concerns for organizations. A […]


Network security, Security

40% of enterprises don’t include business-critical systems in their cybersecurity monitoring

June 3, 2022

Via: Help Net Security

Logpoint has announced findings from a recent poll to uncover the security and cost implications enterprises face with their existing IT infrastructure. The poll was targeted at cybersecurity and IT professionals in both the U.S. and UK. The problem with […]


Threats & Malware, Vulnerabilities

Oracle’s July 2020 CPU Includes 443 New Patches

July 15, 2020

Via: Security Week

This is a record-breaking CPU not only in terms of number of patches (the first to include over 400 fixes), but also in regard to the amount of critical flaws addressed: approximately 100 of the patches deal with vulnerabilities with […]


Vulnerabilities

SAP Releases 5 Security Notes on December 2019 Patch Day

December 12, 2019

Via: Security Week

SAP issued five new Security Notes this week as part of its December 2019 Security Patch Day, to which it also added 2 updates for previously released Security Notes. All of the new Security Notes released this month are rated […]


Application security, Network security, Security

64% of IT decision makers have reported a breach in their ERP systems in the past 24 months

October 7, 2019

Via: Help Net Security

ERP applications are ‘critical’ to business operations, according to the IDC survey of 430 IT decision makers. ERP-related breach Sixty-four percent of the 191 decision makers surveyed whose organizations rely on SAP or Oracle E-Business Suite confirmed that their deployments […]


Network security, Security, Threats & Malware, Vulnerabilities

SAP September 2019 Security Patch Day addresses four Security Notes rated as Hot News

September 12, 2019

Via: Security Affairs

SAP released the September 2019 Security Patch that addressed four Security Notes rated as Hot News by the company, but only one of them is new. SAP released 16 new or updated Security Notes, the overall number of Security Notes […]


Vulnerabilities

SAP Patches Critical Vulnerability in BusinessObjects

October 10, 2018

Via: Security Week

This week, SAP released its October 2018 set of patches, which includes the first Hot News security note for SAP BusinessObjects in over five years. SAP included 11 security notes in its October 2018 Security Patch Day, to which it […]


Vulnerabilities

SAP Patches Critical Issues With November 2017 Security Updates

November 15, 2017

Via: Security Week

SAP released its November 2017 set of patches to address 22 vulnerabilities across its product portfolio, including three issues rated Very High priority (Hot News). The enterprise software maker included 13 patches in this month’s SAP Security Patch Day, to […]


Vulnerabilities

SAP Patches Critical HANA Vulnerability That Allowed Full Access

March 15, 2017

Via: Threat Post

SAP patched a series of critical vulnerabilities in its cloud-based business platform HANA today that if exploited, could allow for a full system compromise without authentication. When chained together the flaws could lead to the theft of confidential information, financial […]


Vulnerabilities

SAP Patches Multiple XSS and Missing Authorization Vulnerabilities

January 11, 2017

Via: Security Week

SAP on Tuesday released its first set of monthly security patches for 2017, which addresses numerous Cross-Site Scripting (XSS) and Missing Authorization Check issues across its products. The enterprise software giant included 18 Patch Day Security Notes in the January […]


Vulnerabilities

An information disclosure flaw still impacts SAP Systems to the Internet

November 3, 2016

Via: Security Affairs

An information disclosure vulnerability in SAP that was patched in September impacts more than 900 SAP systems that are exposed to the Internet. According to the expert Sergiu Popa from Quenta Solutions who reported the vulnerability, the flaw could be exploited by […]


Vulnerabilities

SAP Patches XSS, DoS Vulnerabilities

April 14, 2016

Via: Security Week

SAP on Tuesday released its latest patch update for its products, which includes 19 patch notes, 10 of which had a high priority rating. There were 16 security notes included in the latest SAP Security Patch Day, to which the […]


Vulnerabilities

Remotely Exploitable Vulnerabilities in SAP Compression Algorithms

May 13, 2015

Via: vulnerabilities

The two primary compression algorithms used by SAP SE products, some of the most popular enterprise and business management software platforms on the market, contain multiple, remotely exploitable security vulnerabilities. Martin Gallo of Core Security Consulting Services found vulnerabilities in […]


Vulnerabilities

Companies are falling behind on securing their SAP environments

May 7, 2015

Via: vulnerabilities

More than 95 percent of #sap systems deployed in enterprises are exposed to #vulnerabilities that could lead to a full compromise of business #data, a #security firm claims. Onapsis, a Boston-based company that specializes in SAP security audits, also found […]


Cyber-crime

Top cyber attack vectors for critical SAP systems

May 6, 2015

Via: cyber-crime

SAP is run by over 250,000 customers worldwide, including 98 percent of the 100 most valued brands. Despite housing an organization’s most valuable and sensitive information, SAP systems are not protected from cyber threats by traditional security approaches. Based on […]