"Critical SAP Vulnerabilities Could Lead To Cyberattacks If Not Patched"

Onapsis Research Labs and the software company SAP discovered critical vulnerabilities affecting SAP applications that use the SAP Internet Communication Manager (ICM). Organizations use SAP applications to manage critical business processes, such as enterprise resource planning, product lifecycle management, customer relationship management, and supply chain management. Businesses impacted by the vulnerabilities, including healthcare organizations and their third-party business associates, could suffer data theft, financial fraud, ransomware attacks, the disruption of mission-critical business processes, and a halt of all operations. JP Perez-Etchegoyen, CTO at Onapsis, pointed out that healthcare organizations handle highly sensitive data, including patient data, employee records, financial data, and more, all of which are often stored in business-critical applications such as SAP. Patches have been made available for all three of the critical vulnerabilities, but if organizations do not prioritize the relevant security notes, cybercriminals could easily carry out cyberattacks. Onapsis noted that exploiting these vulnerabilities could be simple for an attacker, since it requires neither prior authentication nor any other preconditions, and the payload can be sent via HTTP(S). The researchers discovered the vulnerabilities during their investigation of HTTP smuggling over the past year. They found that threat actors could leverage HTTP smuggling techniques with a request indistinguishable from a legitimate one, which makes exploitation difficult to detect. Because the vulnerabilities are difficult to detect, easy to exploit, and can result in the complete takeover of a system, they create the potential for large-scale cyberattacks if not immediately patched. This article continues to discuss the discovery, potential exploitation, impact, and mitigation of the critical SAP vulnerabilities.

HealthITSecurity reports "Critical SAP Vulnerabilities Could Lead To Cyberattacks If Not Patched"