Home » Cyber Security News » Around 50000 firms that use SAP solutions left vulnerable with new exploits

Around 50000 firms that use SAP solutions left vulnerable with new exploits

  • The exploits could be used by attackers to fully compromise SAP applications as well as delete all business data.
  • Vulnerabilities present in SAP NetWeaver installations were primarily targeted by these exploits.

Around 50,000 companies using SAP software are at great risks as new exploits target software configuration flaws. A recent report by cybersecurity firm Onapsis has detailed these exploits, which can cripple SAP-based systems. According to the report, about a million systems were discovered to be affected.

The exploits could be deployed by remote, unauthorized attackers with connectivity to the vulnerable systems having SAP.

A note on the exploits

  • Collectively Known as ‘10KBLAZE’, the exploits targeted two technical components in SAP applications. The vulnerable components are SAP Message Server and SAP Gateway.
  • With these exploits, attackers could create new users in the SAP system with arbitrary privileges allowing them to view and modify confidential business data such as personal information of employees, financial statements, banking transfer, health records and so on.

The affected SAP products

10KBLAZE primarily affects misconfigured SAP NetWeaver applications. Other products that are susceptible include:

  • SAP S/4HANA
  • SAP Enterprise Resource Planning
  • SAP Product Lifecycle Management
  • SAP Customer Relationship Management
  • SAP Human Capital Management
  • SAP Supply Chain Management
  • SAP Supplier Relationship Management
  • SAP NetWeaver Business Warehouse
  • SAP Business Intelligence
  • SAP Process Integration
  • SAP Solution Manager
  • SAP Governance, Risk & Compliance 10.x
  • SAP NetWeaver ABAP® Application Server 7.0 – 7.52

90 percent of systems vulnerable

The report also indicates that a majority of systems with SAP installations were vulnerable. “Onapsis research gathered over ten years calculates that nearly 90% of these systems, approximately 900,000, may suffer from the misconfigurations for which these exploits are now publicly available,” it said.

Staying Protected from the Exploit

The Onapsis’s report has also detailed solutions in order to stay protected from 10KBLAZE. This involves correctly configuring the SAP Message Server and SAP Gateway, which is critical in SAP applications. Likewise, SAP strongly recommends businesses using their solutions to install security fixes as and when they are released..

Firewall,Hardware Firewall,Software Firewall,Firewall India, Firewall,Network Firewall,Firewall Support,Firewall Monitoring,Firewall VPN, WAF Website Firewall,Firewall Security, Firewall India,Firewalls Provider in India

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 9582 90 7788 | Support Number : +91-9654016484
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket