"Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities"

The US Cybersecurity and Infrastructure Security Agency (CISA) reports that SAP Commerce, Gpac framework, and D-Link DIR-820 routers are being exploited using old vulnerabilities. The oldest flaw, tracked as CVE-2019-0344 with a CVSS score of 9.8, enables attackers to execute arbitrary code on a vulnerable system with Hybris user rights. It is an unsafe deserialization issue in SAP Commerce Cloud's "virtualjdbc" extension. Hybris is a Customer Relationship Management (CRM) tool deeply integrated into the SAP cloud ecosystem. This article continues to discuss CISA's warning of exploited years-old vulnerabilities in SAP Commerce, Gpac framework, and D-Link DIR-820 routers.

SecurityWeek reports "Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities"

Submitted by grigby1

Submitted by Gregory Rigby on