CONTACT US
Search
CONTACT US
Onapsis Podcasts

Onapsis Research Labs Briefing on SAP CVE-2017-12637

/in /by

CISA recently updated their Known Exploited Vulnerabilities (KEV) catalog with an SAP vulnerability: CVE-2017-12637. When exploited, this vulnerability affecting SAP Netweaver AS Java application servers can enable unauthenticated threat actors to take full control of unprotected SAP systems.

While this is a known security vulnerability that was promptly patched by SAP in 2017, Onapsis Research Labs have observed this issue being present in several environments to this day.

Onapsis Research Labs has also recently identified active exploitation via our global SAP Threat Intelligence Network, and we will be sharing our findings with the public.

Onapsis Podcasts

SAP BTP und Cyber Security: Risiken minimieren und Abläufe in Produktion und Logistik sichern

/in /by

Sichere SAP-Lösungen für Logistik und Produktion mit RISE und BTP

Ein Webinar im Rahmen der 20. IT-Onlinekonferenz: Produktions- und Logistikprozesse mit SAP – Die führende Konferenz für SAP-gestützte Produktion und Logistik.

Die digitale Transformation in Produktion und Logistik, angetrieben durch SAP RISE und die SAP Business Technology Platform (BTP), eröffnet Unternehmen neue Möglichkeiten zur Prozessoptimierung. Gleichzeitig entstehen Herausforderungen, diese geschäftskritischen Systeme sicher und compliant zu gestalten.

In diesem Webinar erfahren Sie, wie Onapsis Unternehmen unterstützt, SAP-Anwendungen in Cloud- und hybriden Umgebungen zu schützen, Sicherheits- und Compliance-Anforderungen zu erfüllen und die Integrität sensibler Daten und Prozesse sicherzustellen.

Highlights:

Effiziente Sicherheitslösungen für hybride SAP-Landschaften.
Echtzeit-Bedrohungserkennung und Schwachstellenmanagement.
Best Practices für SAP RISE und BTP.

Onapsis Webinar

Critical SAP Zero-Day Vulnerability Under Active Exploitation (CVE-2025-31324)

/in /by

Active exploitation against a zero-day vulnerability in SAP systems in the wild.

ON DEMAND

Evidence of active attacks against this vulnerability has been observed by ReliaQuest, Onapsis Threat Intelligence, and confirmed by multiple IR firms in recent active investigations.

SAP published an emergency security patch on April 24, 2025 to address this issue. The vulnerability is of critical severity (CVSS 10), and affects the SAP Visual Composer component of SAP Java systems, which is not enabled by default.

Critical Exploit Details:

  • Unauthenticated threat actors can exploit CVE-2025-31324.
  • Attackers can gain full control of vulnerable SAP systems.
  • Risks include unrestricted access to SAP business data and processes, ransomware deployment, and lateral movement.
  • Continued exploitation is expected against vulnerable internet-facing SAP Java systems.


Unauthenticated threat actors can exploit the vulnerability to gain full control of vulnerable SAP systems, including unrestricted access to the SAP business data and processes, deploy ransomware in SAP and move laterally. Given the observed activity and vulnerability characteristics, we expect continued exploitation against vulnerable internet-facing SAP Java systems.


SAP and Onapsis urge customers to take immediate action. This issue can be mitigated by applying SAP note 3594142. If you are unable to apply the patch in a timely fashion, SAP’s recommended mitigation is to either disable or prevent access to the vulnerable component, with more information described in SAP note 3596125.

Urgent Actions Required:
SAP and Onapsis urge customers to take immediate action.

  • Apply SAP Note 3594142 to patch the issue.
  • If you cannot apply the patch immediately, SAP recommends disabling or preventing access to the vulnerable component (see SAP Note 3596125).

In the meantime, you can also view our detailed blog and access the CVE-2025-31324 scanner for immediate assessment

2025 RISE with SAP Buyer’s Guide

/in /by

Navigating your journey to cloud ERP with RISE with SAP requires the right insights. We’ve partnered with SAPinsider to bring you their comprehensive 2025 Buyers Guide for RISE with SAP, a critical resource to help you make informed decisions. Download your free copy today and gain the knowledge you need to modernize your systems and build a foundation for future innovation.

This essential guide offers:

  • Key insights into the opportunities and necessities surrounding the move to RISE with SAP.
  • Valuable recommendations to guide your strategic planning and implementation.
  • Vendor Capability Assessments providing clarity on the diverse landscape of Technology Vendors, Infrastructure Providers, and Consultants & Integrators in the RISE with SAP ecosystem.

Don’t navigate this significant transition alone. Equip yourself with the expert knowledge found in the SAPinsider Buyers Guide. Grab your copy today and take the first step towards an intelligent and successful RISE with SAP adoption.

Onapsis Podcasts

SAPinsider Las Vegas 2025: An Interview with the Authors of Cybersecurity for SAP

/in /by

In this episode of the SAPinsider Las Vegas 2025 podcast, host Robert Holland SAPInsider speaks with JP Perez-Etchegoyen, CTO and co-founder of Onapsis, and Gaurav Singh, Senior Cybersecurity Manager at Under Armour, about the growing importance of cybersecurity in SAP landscapes. The conversation centers around their newly released book, Cybersecurity for SAP, the first SAP Press book to bridge the gap between traditional SAP security and modern cybersecurity practices. Perez-Etchegoyen and Singh discuss key challenges SAP customers face—like increased landscape complexity, cloud transitions, and lingering myths that SAP systems behind firewalls are secure. They emphasize the critical need for collaboration between SAP and security teams, a shift in mindset toward proactive cybersecurity, and the adoption of risk-based strategies. The duo also highlights the importance of purposeful action, education, and building strong cybersecurity programs tailored to evolving SAP environments.

Onapsis Podcasts

SAPinsider Las Vegas 2025: An Interview with Mariano Nunez of Onapsis.

/in /by

An Interview with Mariano Nunez of Onapsis. In this episode of the SAPinsider Las Vegas 2025 podcast, host Robert Holland SAPInsider speaks with Mariano Nunez, CEO and co-founder of Onapsis, about the evolving cybersecurity landscape for SAP customers. Nunez shares key challenges organizations face in securing SAP applications—especially during cloud migrations like RISE with SAP—highlighting the confusion around shared security responsibilities between SAP and its customers. He emphasizes the importance of visibility, automation, and expert guidance to build secure-by-design cloud environments and ensure compliance. The conversation also explores the surge in cyber threats targeting SAP systems, the growing role of AI in both offensive and defensive security strategies, and the critical need for specialized SAP cybersecurity expertise. Nunez encourages SAP professionals to expand their skills into cybersecurity, noting the career opportunities emerging at this intersection. He also discusses Onapsis’ unique role as a cybersecurity partner with an SAP-endorsed app and the value of people, processes, and partnerships in creating comprehensive security solutions.

Sitemap  | Terms of Use | Privacy Policy   |  Quality Policy  |  Disclosure PolicySecurity Vulnerability Reporting Guidelines |  ©2025 Onapsis  |  All rights reserved