SAP Patch Day for September 2022 includes 16 new and updated Security Notes (including the notes that were released or updated since last Patch Tuesday).
Thumbnail
Thumbnail
SAP Security Patch Day August 2022: A Calm Patch Day With SAP BusinessObjects in Focus
SAP has published 11 new and updated Security Notes on its August Patch Day. SAP has patched three Information Disclosure vulnerabilities in SAP BusinessObjects (BO) which affect different components of the application.
Thumbnail
SAP Security Patch Day July 2022: Three Applications in Focus
SAP has released 27 new and updated SAP Security Notes in its July 2022 patch release. Three primary areas are affected by today’s SAP Security Notes, so Onapsis Research Labs recommends reviewing all details below before implementing the corresponding patches.
Thumbnail
SAP Security Patch Day June 2022: Improper Access Control
In SAP's June Patch Day, there are 17 new and updated security patches. The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) also lists three well known vulnerabilities.
Thumbnail
SAP Security Patch Day May 2022: Spring4Shell Vulnerability Has Been Patched in Six SAP Applications
SAP has released 17 new and updated SAP Security Notes in its May 2022 patch release, including the notes that were released since last patch day. As part of this month’s patch release, there are four HotNews notes and two High Priority notes.
Thumbnail
SAP Security Patch Day April 2022: In Focus: Spring4Shell and SAP MII
SAP’s April Patch Tuesday requires special attention. The Spring4Shell vulnerability, CVE-2022-22965, was recently detected and has been successfully exploited, as noted by researchers. Onapsis Research Labs contributed to a serious vulnerability in SAP MII that could lead to a full compromise of the server in patching hosting the application.
Thumbnail
SAP Security Patch Day March 2022: SAP Focused Run Affected by Several Vulnerabilities
SAP has published 17 new and updated Security Notes on its March Patch Day. The most critical patch is for SAP Focused Run, with a CVSS 9.3 vulnerability which can lead to full compromise of the affected systems.
Thumbnail
SAP Security Patch Day February 2022: Severe HTTP Smuggling Vulnerabilities in SAP NetWeaver
SAP’s February Patch Tuesday brings new extremely critical vulnerabilities in all SAP applications that are based on SAP NetWeaver. SAP, CISA, and Onapsis strongly advise all impacted organizations to prioritize patching these affected systems as soon as possible.
Thumbnail
SAP Security Patch Day January 2022: Log4j Causes Record-Breaking Number of HotNews Notes
SAP has published 35 new and updated Security Notes on its January Patch Day, demonstrating the serious impact of Log4j vulnerability on SAP security.
Thumbnail
SAP Security Patch Day December 2021: A Patch Day in the Shadow of Log4j
With 21 new and updated notes, including four HotNews Notes (with two of them being new) and six new and updated High Priority Notes, the last SAP Patch Tuesday in 2021 is slightly above this year’s average.
