SAP News Articles
Recent news articles refferecing the vendors vulnerabilities.
Critical SAP NetWeaver Flaws Let Hackers Gain System Access
SAP has released its January 2025 Security Patch Day updates, addressing 14 new vulnerabilities, including two critical flaws in SAP NetWeaver that could allow attackers to gain unauthorized access to affected systems. The most severe vulnerability, CVE-2025-0070, is an improper authentication issue...
3 weeks ago
CVE-2023-27497 : SAP DIAGNOSTICS AGENT 720 ON WINDOWS EVENTLOGSERVICECOLLECTOR MISSING AUTHENTICATION - Cloud WAF
CVE-2023-27497 : Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent.
6 months ago
CVE-2024-39592 : SAP PDCE S4CORE 102 UP TO S4COREOP 107 AUTHORIZATION - Cloud WAF
CVE-2024-39592 : Elements of PDCE does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
7 months ago
SAP Security Patch Day May 2024: Critical CVE-2024-33006 Vulnerability Could Lead to System Takeover - Malware News - Malware Analysis, News and Indicators
SAP Security Patch Day May 2024: Critical CVE-2024-33006 Vulnerability Could Lead to System Takeover On May 14, 2024, SAP delivered its monthly security updates, which included 14 new Security Notes alongside updates to …
9 months ago
CVE-2024-27899 : SAP NETWEAVER AS JAVA USER MANAGEMENT ENGINE 7.50 USER ADMIN APPLICATION PASSWORD RECOVERY - Cloud WAF
CVE-2024-27899 : Self-Registration and Modify your own profile in User Admin Application of NetWeaver AS Java does not enforce proper security requirements for the content of the newly defined security answer.
10 months ago