ERP News

SAP

Hackers exploiting six-year-old SAP software flaw, warns US-CERT

927 0

Hackers exploiting six-year-old SAP software flaw, warns US-CERT

Firms need to fix problem ASAP

 

Hackers are exploiting a security vulnerability in SAP business software that dates back to 2010.

The US Computer Emergency Response Team (US-CERT) has warned that at least 36 enterprises are at risk of attack if they’re running outdated or misconfigured SAP software.

The problem was uncovered by Onapsis, a firm that specialises in securing SAP and Oracle business applications.

One of the companies at risk is a top-10 highest annually grossing global enterprise, and more than a dozen of the affected companies generate over $10bn in annual revenue.

Onapsis refused to name any of the potentially affected firms, Reuters reported, but said that it found customers in the US, UK, China and Germany.

“We regard these [known victims] as just the tip of the iceberg, as well as an irrefutable answer to the question: ‘Are SAP applications being attacked?'” Onapsis said in its report.

The US-CERT alert released on Wednesday warned that a hacker who exploited the vulnerability could gain full access to an affected SAP platform, giving them “control of the business information and processes on these systems, as well as potential access to other systems”.

For Full Story, Please click here.

Leave A Reply

Your email address will not be published.

*

code