SAP’s patch update for this month included a fix for a critical remote code execution vulnerability in the SAP GUI client, the desktop software that gives users remote access to a central SAP server on a corporate network.
Researchers at ERPScan, a Dutch company specializing in business application security, disclosed some details and a proof-of-concept exploit of the vulnerability, CVE-2017-6950, today during the Troopers security conference in Germany. The vulnerability allows an attacker to remotely upload code that would execute on the vulnerable client; should an attacker, for example, successfully execute a ransomware attack, critical business systems could be held hostage.