Business software vendor SAP has recently patched various flaws across multiple products, including some vulnerabilities rated as “critical”. Altogether, 19 flaws were addressed.The critical flaws include those that can allow threat actors to overwrite files, inject code, and access and manipulate data. Among the affected applications are SAP NetWeaver AS for Java, SAP NetWeaver Application Server for ABAP, SAP NetWeaver AP for ABAP and the SAP Business Objects Business Intelligence Platform.For the remaining 14 vulnerabilities, four were deemed high-severity, and ten were deemed medium-severity. SAP is a popular software vendor among corporations, which makes it a major target for cybercriminals.
SAP is the largest ERP vendor worldwide, retaining almost a quarter of the global market share (24%) with more than 400,000 customers. Furthermore, nine out of ten of the Forbes Global 2000 organizations use SAP products, including its customer relationship management (CRM) and supply chain management (SCM) solutions.Despite its popularity in the business world, news of breaches via SAP products are few and far between. Just over a year ago, the US Cybersecurity and Infrastructure Security Agency (CISA) warned business users of a number of “severe vulnerabilities” found in SAP solutions, which could result in data theft and ransomware attacks. And last year, networks belonging to firms and government organizations were compromised in an attack on SAP systems that were unpatched, serving as a staunch reminder to apply security fixes to software as soon as they are released by the vendor. The same advice applies to this new case, so make sure to patch your SAP systems as soon as possible.Via: BleepingComputer (opens in new tab)
SAP Releases Fixes for Some Serious Flaws in its Business Software
SAP, a leading software company, recently released security updates that fix multiple vulnerabilities in its business software. The flaws can reportedly be exploited to execute cross-site scripting (XSS) attacks, perform denial-of-service attacks, and bypass security restrictions to access sensitive data. The vulnerabilities can be found in the SAP ERP Central Component (ECC), SAP HANA, and other related software products.
The security fixes come in response to the escalating number of cyberattacks on businesses across the world, and SAP advises all customers to update their systems promptly to ensure their safety. The updates apply to SAP software versions released between 2012 and today.
In light of the releases, companies using SAP should place a high priority on updating their systems to prevent potential attackers from accessing sensitive data, damaging their reputation, and disrupting business operations.
1. What is the recent update from SAP regarding its business software?
Ans: SAP has recently released security updates that fix multiple vulnerabilities in its business software.
2. What risks can the vulnerabilities lead to?
Ans: The flaws can reportedly be exploited to execute cross-site scripting (XSS) attacks, perform denial-of-service attacks, and bypass security restrictions to access sensitive data.
3. Which SAP software products are affected by the vulnerabilities?
Ans: The vulnerabilities can be found in the SAP ERP Central Component (ECC), SAP HANA, and other related software products.
4. Why should companies update their systems promptly?
Ans: The updates come in response to the escalating number of cyberattacks on businesses across the world, and SAP advises all customers to update their systems promptly to ensure their safety. Companies using SAP should place a high priority on updating their systems to prevent potential attackers from accessing sensitive data, damaging their reputation, and disrupting business operations.
- The team of experts at TechListen.com are dedicated to providing you with the best information and insights on the latest and greatest technology. Our experts have extensive knowledge and experience in the tech industry, and are constantly researching and analyzing the newest products and services so you can make informed decisions. We provide detailed reviews and analysis of the latest gadgets and gizmos, as well as the hottest trends in the industry. Our team is committed to helping you stay up-to-date with the ever-changing world of technology, so you can get the most out of your tech investments. With our expertise and dedication to providing the best information, TechListen.com is the premier online destination for all things tech.
- NewsAugust 25, 2023Instacart Unveils $428 Million Profit with Anticipated Slowing Growth Prior to I.P.O.
- ReviewsAugust 23, 2023Reviewing Immortals of Aveum: Do You Believe in Magic?
- NewsAugust 22, 2023Quordle Today: Hints and Answers for Wednesday, August 23, Game #576
- NewsAugust 19, 2023Cruise Decreases Driverless Car Fleet in San Francisco After Crash