SAP patched a series of critical vulnerabilities in its cloud-based business platform HANA today that if exploited, could allow for a full system compromise without authentication.
When chained together the flaws could lead to the theft of confidential information, financial fraud, and the disruption of key business processes, even without having a legitimate SAP HANA username or password, researchers warn.