Thousands of SAP users face cyberattacks over unsecured flaws

Threat actors are weaponizing vulnerabilities less than 72 hours after disclosure, SAP warns

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Security researchers working with German software firm SAP have discovered that unpatched instances of the latter’senterprise resource planning (ERP),customer relationship management (CRM), and other offerings are being actively targeted.

The threats were revealed in a report jointly prepared by SAP and cloud security firm Onapsis.

The duo argues that the report will “help SAP customers protect from active cyber threats seeking to specifically target, identify and compromise organizations running unprotected SAP applications, through a variety of cyberattack vectors.”

We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.

Click here to start the survey in a new window«

Unpatched targets

The report notes six vulnerabilities in particular, going back all the way to 2010. One even has a CVSS severity rating of 10, which is the highest possible score for a vulnerability.

However, in what is fast becoming a major impediment to security, even while SAP hasreleased patchesto mitigate all vulnerabilities, hundreds of customers haven’t yet applied them, leaving them prone to threat actors.

According to the report, from the time Onapsis started recording exploitation attempts targeting unpatched SAP apps, in mid-2020, its researchers have seen about 300 successful exploitations through 1500 attack attempts from nearly 20 countries.

“Exploitation would lead to full control of unsecured SAP applications, bypassing common security and compliance controls, enabling attackers to steal sensitive information, perform financial fraud or disrupt mission-critical business processes by deployingransomwareor stopping operations,” note the companies in the report.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The report identifies another worrying trend. According to its observations, the window for patching doesn’t offer much room for contemplation, with some SAP vulnerabilities becoming weaponized in less than 72 hours after public disclosure.

So while not applying patches for years is a sure shot invitation to exploitation, even waiting for a few days can put your SAP instances in danger. The only safeguard is to apply security patches as soon as they are released, which is a practice both companies urge all SAP customers to follow.

Via:ZDNet

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Mozambique VPN usage soars as internet restrictions continue

Retail and tech firms are hackers' most wanted targets – here’s what you can do about it

ChatGPT just got easier to find when you’re searching for something