SecurityWeek
SAP Patches Critical Vulnerability Impacting NetWeaver, S/4HANA
SAP has released patches for a critical vulnerability impacting multiple enterprise applications, including NetWeaver and S/4HANA.
SecurityWeek
SAP has released patches for a critical vulnerability impacting multiple enterprise applications, including NetWeaver and S/4HANA.
Cyber Security News
Three vulnerabilities have been discovered in SAP Customer Experience (CX) commerce cloud and SAP Netweaver Application which were
SecurityWeek
SAP on Tuesday announced the release of ten new and two updated security notes as part of its June 2022 Security Patch Day.
SecurityWeek
SAP has released 14 new and three updated security notes on its May 2024 Security Patch Day, including for critical vulnerabilities.
Infosecurity News
SAP confirmed most of the vulnerabilities have now available fixes, and advised companies to update their systems as soon as possible.
Bleeping Computer
SAP's security updates for this month address multiple critical vulnerabilities. The most serious of them, rated with the highest severity score, affects the company's Business Client product.
Cyber Security News
SAP provided security fixes for 19 vulnerabilities, five of which were classified as critical, affecting SAP Business Objects Business Intelligence Platform (CMC) and SAP NetWeaver.
SecurityWeek
SAP this week announced its December 2022 security updates, which resolve critical vulnerabilities in Business Client, BusinessObjects, NetWeaver, and Commerce.
SecurityWeek
SAP announced fixes for multiple critical-severity vulnerabilities on January 2023 Security Patch Day.
Cyber Security News
SAP has released patches for 16 vulnerabilities with Critical, High, Medium, and Low severities. The CVSS scores for these vulnerabilities are between 3.7 (Low) to 9.8 (Critical) which contributes to 1 Critical, 6 High, 7 Medium, and 1 Low severity vulnerability. One of the vulnerability CVSS scores is yet to be confirmed.
SecurityWeek
SAP has released patches for critical vulnerabilities in Business Application Studio, Web IDE, and Edge Integration Cell.
SecurityWeek
SAP has released eight new and five updated security notes as part of its September 2022 Security Patch Day.
SecurityWeek
SAP patches a critical code-injection vulnerability in the SAP ABA (Application Basis) cross-application component.
Bleeping Computer
Software vendor SAP has released security updates for 19 vulnerabilities, five rated as critical, meaning that administrators should apply them as soon as possible to mitigate the associated risks.
SecurityWeek
SAP has released seven new notes as part of its October 2023 Security Patch Day, all rated ‘medium severity’.
SecurityWeek
SAP released a hotfix for a critical-severity improper access control vulnerability in Business One product installation.
Cyber Security News
SAP has released their updates for patch day of this month in which several vulnerabilities have been fixed and CVEs have been updated. The severity of the patched bugs varies from 4.5 (medium) to 10.0 (critical).
Cyber Security News
Recently in a security note the German multinational software company, SAP released a security patch for the vulnerabilities.
Security Affairs
Enterprise software giant SAP addressed a critical improper access control vulnerability in its Business One product.
SecurityWeek
SAP on July 2023 Security Patch Day released 16 new security notes, including one addressing a critical vulnerability in ECC and S/4HANA
SecurityWeek
Enterprise software maker SAP documents multiple critical-severity issues and warns of risk of command injection attacks.
SecurityWeek
As part of its May 2022 Security Patch Day, SAP has released eight new and four updated security notes, including three that address the recent Spring4Shell vulnerability in more products.
SecurityWeek
SAP has fixed over a dozen new vulnerabilities with its Patch Tuesday updates, including a critical flaw in its PowerDesigner product.
SecurityWeek
SAP releases 12 security notes on April 2024 Security Patch Day, including three notes dealing with high-severity vulnerabilities.
Cyber Security News
SAP has released its September security patches in which 13 vulnerabilities were related to Information Disclosure, Code Injection, Memory Corruption, and much more.
The Record
German enterprise software maker SAP and the US Cybersecurity and Infrastructure Security Agency have issued security advisories on Tuesday to warn SAP customers to install the company's February security patches as soon as possible in order to prevent the exploitation of a major vulnerability in a ubiquitous SAP component.
SecurityWeek
CISA warns that one SAP vulnerability and two Microsoft product vulnerabilities patched earlier this year are being exploited in the wild.
CyberSecurity Dive
Thousands of systems remain vulnerable, including applications not connected to the public internet.
Cyber Security News
SAP has released the security patches for the Patch Day of October 2023 in which they have a release of new Security Notes and 2 updates.
ZDNet
Cybersecurity researchers warn about cyberattacks by 'Elephant Beetle' - which use over 80 tools and exploits legacy vulnerabilities to hide inside networks for months at a time.
SecurityWeek
SAP has announced the release of five new and two updated security notes as part of its August 2022 Security Patch Day.
Bleeping Computer
A financially-motivated actor dubbed 'Elephant Beetle' is stealing millions of dollars from organizations worldwide using an arsenal of over 80 unique tools and scripts.
CyberSecurity Dive
Onapsis security researchers warn attackers could take full control of systems to steal data, disrupt critical business functions and launch ransomware.
SecurityWeek
SAP has released nine new security notes on its November 2022 Security Patch Day, including two notes addressing critical bugs in BusinessObjects and SAPUI5.
Bleeping Computer
Enterprise software vendor SAP has released its April 2023 security updates for several of its products, which includes fixes for two critical-severity vulnerabilities that impact the SAP Diagnostics Agent and the SAP BusinessObjects Business Intelligence Platform.
SecurityWeek
Microsoft patched 60 security bugs in multiple products and waned of an actively exploited Windows zero-day (CVE-2024-30051)
Bleeping Computer
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned admins to patch a set of severe security flaws dubbed ICMAD (Internet Communication Manager Advanced Desync) and impacting SAP business apps using Internet Communication Manager (ICM).
The Hacker News
CISA has updated its Known Exploited Vulnerabilities Catalog with seven new vulnerabilities based on evidence of active exploitation.
SecurityWeek
Adobe documents multiple code execution flaws in a wide range of products, including the widely deployed Adobe Acrobat and Reader software.
ThreatPost
The group blends into an environment before loading up trivial, thickly stacked, fraudulent financial transactions too tiny to be noticed but adding up to millions of dollars.
Security Affairs
US CISA added a critical SAP flaw to its Known Exploited Vulnerabilities Catalog after its details were disclosed at the Black Hat and Def Con conferences. The US Cybersecurity and Infrastructure Security Agency (CISA) added a critical SAP vulnerability, tracked as CVE-2022-22536, to its Known Exploited Vulnerabilities Catalog a few days after researchers shared details […]
Security Affairs
The Cybernews research team has discovered some BMW subdomains that were vulnerable to redirect vulnerability.
CSO
Research highlights heightened threat actor interests in SAP systems, targeting poorly patched organizations.
DarkReading
Patches are available for three bugs, but with technical details and PoCs now available, threat actors can craft targeted attacks.
CyberNews
Cybernews researchers have discovered two BMW subdomains that were vulnerable to SAP redirect vulnerability.
Ars Technica
July saw two high-severity bugs in Firefox, while Oracle patched over 500 vulnerabilities.
Cyber Security News
This week's Threat and Vulnerability Roundup from Cyber Writes brings you the most recent cybersecurity news.