Around 50,000 companies using SAP software are at great risks as new exploits target software configuration flaws. A recent report by cybersecurity firm Onapsis has detailed these exploits, which can cripple SAP-based systems. According to the report, about a million systems were discovered to be affected.
The exploits could be deployed by remote, unauthorized attackers with connectivity to the vulnerable systems having SAP.
A note on the exploits
The affected SAP products
10KBLAZE primarily affects misconfigured SAP NetWeaver applications. Other products that are susceptible include:
90 percent of systems vulnerable
The report also indicates that a majority of systems with SAP installations were vulnerable. “Onapsis research gathered over ten years calculates that nearly 90% of these systems, approximately 900,000, may suffer from the misconfigurations for which these exploits are now publicly available,” it said.
Staying Protected from the Exploit
The Onapsis’s report has also detailed solutions in order to stay protected from 10KBLAZE. This involves correctly configuring the SAP Message Server and SAP Gateway, which is critical in SAP applications. Likewise, SAP strongly recommends businesses using their solutions to install security fixes as and when they are released..
Publisher