"SAP Issues Advisory On the Exploit of Old Vulnerabilities to Target Enterprise Applications"
SAP and Onapsis recently released a joint threat intelligence report to help SAP customers protect themselves against active cyber threats aimed at compromising organizations running unsecured SAP applications. The report highlights activities in which security flaws given a CVSS severity score of up to 10 are being weaponized by threat actors. An estimated 400,000 organizations are using SAP applications. According to both SAP and Onapsis, there were at least 1,500 SAP application-related attack attempts tracked between June 2020 and March 2021, with at least 300 having achieved success. Attackers are targeting enterprise resource planning (ERP), customer relationship management (CRM) software, supply chain management (SCM) systems, and more. SAP releases security patches for its products each month. However, customers are not fixing the critical vulnerabilities that are being exploited by cybercriminals worldwide. There are cases in which Internet-facing SAP applications riddled with bugs have remained unpatched for months or years. The report points out six actively exploited vulnerabilities that could lead to the creation of administrator accounts, full system hijacking, complete administrative control over the hub of an organization's SAP setup, lateral movement through a corporate network, information leaks, total control of SAP business processes, and other malicious activities. The window for patching SAP vulnerabilities is small, as some of these vulnerabilities have been observed being weaponized in less than 72 hours after their disclosure. This article continues to discuss the exploitation of critical vulnerabilities in SAP applications and the potential impact of these flaws on organizations.