SAP has released 17 new and updated SAP Security Notes in its May 2022 patch release, including the notes that were released since last patch day. As part of this month’s patch release, there are four HotNews notes and two High Priority notes.
SAP Security
Jumpstart Your SAP Security with Onapsis Assess Baseline
Business-critical applications are ubiquitous and support the essential functions and processes in global organizations, such as supply chain controls and flows, manufacturing processes, financial transactions, and human capital management.
Why Now Is the Time to Protect Your Business-Critical SAP Applications
Now more is the time to secure your business-critical SAP applications.
Onapsis and SAP Partner to Secure Business
Despite their importance, many organizations lack the proper preventative, detective, and corrective controls to secure a company’s SAP applications, and have a reigning false sense of security provided by generic security products. That’s why Onapsis and SAP have been partnering together to empower executives to mitigate what we believe is one of the most critical types of cyber risk facing organizations.
Attack & Secure SAP Systems with Onapsis Research Labs at Troopers Conference
Join Onapsis Research Labs at Troopers Conference for the fundamentals of how to pentest and secure SAP systems. Students will not only learn to assess the security of critical systems by performing tailored penetration testing, but also how to secure and monitor systems from the latest threats. Meet us there!
SAP Security Patch Day April 2022: In Focus: Spring4Shell and SAP MII
SAP’s April Patch Tuesday requires special attention. The Spring4Shell vulnerability, CVE-2022-22965, was recently detected and has been successfully exploited, as noted by researchers. Onapsis Research Labs contributed to a serious vulnerability in SAP MII that could lead to a full compromise of the server in patching hosting the application.
SAP Security Patch Day March 2022: SAP Focused Run Affected by Several Vulnerabilities
SAP has published 17 new and updated Security Notes on its March Patch Day. The most critical patch is for SAP Focused Run, with a CVSS 9.3 vulnerability which can lead to full compromise of the affected systems.
How Does HTTP Response Smuggling Work
Research from the Onapsis Research Labs in HTTP Response Smuggling led to the discovery of a set of critical vulnerabilities affecting SAP applications using SAP Internet Communication Manager (ICM). In this blog, learn how HTTP Response Smuggling works.
5 Things To Know About the ICMAD Vulnerabilities in SAP Business-Critical Applications
Onapsis and SAP partnered on the discovery and mitigation of a set of critical vulnerabilities affecting SAP applications actively using the SAP Internet Communication Manager (ICM) component. Read along for five things you should know about the ICMAD vulnerabilities.
ICMAD: Critical Vulnerabilities in SAP Business Applications Require Immediate Attention
Onapsis Research Labs discovered a set of extremely critical vulnerabilities affecting SAP applications actively using the SAP Internet Communication Manager (ICM) component. This discovery requires immediate attention by most SAP customers.