Thousands of SAP users face cyberattacks over unsecured flaws

News
By published

Threat actors are weaponizing vulnerabilities less than 72 hours after disclosure, SAP warns

security
(Image credit: Shutterstock / binarydesign)

Security researchers working with German software firm SAP have discovered that unpatched instances of the latter’s enterprise resource planning (ERP), customer relationship management (CRM), and other offerings are being actively targeted. 

The threats were revealed in a report jointly prepared by SAP and cloud security firm Onapsis. 

The duo argues that the report will “help SAP customers protect from active cyber threats seeking to specifically target, identify and compromise organizations running unprotected SAP applications, through a variety of cyberattack vectors.”

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

Unpatched targets

The report notes six vulnerabilities in particular, going back all the way to 2010. One even has a CVSS severity rating of 10, which is the highest possible score for a vulnerability.

However, in what is fast becoming a major impediment to security, even while SAP has released patches to mitigate all vulnerabilities, hundreds of customers haven’t yet applied them, leaving them prone to threat actors.

According to the report, from the time Onapsis started recording exploitation attempts targeting unpatched SAP apps, in mid-2020, its researchers have seen about 300 successful exploitations through 1500 attack attempts from nearly 20 countries.

"Exploitation would lead to full control of unsecured SAP applications, bypassing common security and compliance controls, enabling attackers to steal sensitive information, perform financial fraud or disrupt mission-critical business processes by deploying ransomware or stopping operations," note the companies in the report.

The report identifies another worrying trend. According to its observations, the window for patching doesn’t offer much room for contemplation, with some SAP vulnerabilities becoming weaponized in less than 72 hours after public disclosure. 

So while not applying patches for years is a sure shot invitation to exploitation, even waiting for a few days can put your SAP instances in danger. The only safeguard is to apply security patches as soon as they are released, which is a practice both companies urge all SAP customers to follow.

Via: ZDNet

Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
Image depicting a hand on a scanner
Hackers are targeting unpatched ServiceNow instances that exploit 3 separate year-old vulnerabilities
Hacker Typing
Racing against time on a menacing caldera: survey finds majority of organizations take days to tackle critical vulnerabilities, each of them a potential open goal for cybercriminals
API
Businesses are being plagued by API security risks - with nearly 99% affected
A digital representation of a lock
Exploits on the rise: How defenders can combat sophisticated threat actors
A person at a laptop with a cybersecure lock symbol floating above it.
Hackers are still using old Ivanti bugs to break into networks
Representational image of a hacker
The 10 worst software disasters of 2024: cyberattacks, malicious AI, and silent threats
Latest in Security
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Latest in News
Samsung HW-Q990D soundbar with Halloween theme over the top
Samsung promises to repair soundbars bricked by its disastrous software update for free – but it'll probably involve shipping
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
DJI Mavic 3 Pro
More DJI Mavic 4 Pro leaks seemingly reveal launch date, price and key features of the triple camera drone – here's what to expect
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Man sitting on sofa, drinking coffee, looking at phone in surprise
Thousands of coffee lovers warned to stop using their espresso machines immediately after reports of burns and lacerations
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
More about security
IBM office logo

IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background

North Korea unveils new military unit targeting AI attacks

Andrew Koji as Zeek pointing a gun at someone off camera.

Andrew Koji reveals Gangs of London season 3's new mysterious assassin is like 'the human Terminator' in the Sky Original series
See more latest
Most Popular
DJI Mavic 3 Pro
More DJI Mavic 4 Pro leaks seemingly reveal launch date, price and key features of the triple camera drone – here's what to expect
De&#039;Longhi Linea Classic espresso machine on kitchen counter with hot and cold coffee drinks
I'm a qualified barista, and De'Longhi's latest espresso machine could be this year's best budget buy for coffee lovers
Man sitting on sofa, drinking coffee, looking at phone in surprise
Thousands of coffee lovers warned to stop using their espresso machines immediately after reports of burns and lacerations
Samsung HW-Q990D soundbar with Halloween theme over the top
Samsung promises to repair soundbars bricked by its disastrous software update for free – but it'll probably involve shipping
A Minecraft sheep.
Minecraft developer rejects generative AI, 'it's important that it makes us feel happy to create as humans'
Nvidia AMD
Nvidia rumors suggest it's working on two affordable GPUs to spoil AMD's party
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Apple iPhone 16 Review
New iPhone 17 report lends weight to rumors of major display and camera upgrades, and a pricey Apple foldable