The Onapsis Blog

The world of business-critical application security is dynamic, with new developments happening on a continuous basis. Check out our blog for recommendations, insights and observations on the latest news for securing your SAP®, Oracle® and Salesforce applications.

Oracle PAYDAY Vulnerabilities

Video: Oracle PAYDAY Vulnerabilities

Oracle E-Business Suite (EBS) critical vulnerabilities from earlier this year are presenting new risk, despite Oracle issuing fixes and thousands of organizations that have not applied the patches remain at risk.

With over 21,000 organizations across the globe using Oracle EBS, Onapsis estimates that over 50% of Oracle EBS customers have not deployed the patches necessary to protect their systems, leaving thousands of organizations at risk. Two attack scenarios involving these vulnerabilities are detailed in the videos below. The first could leave you vulnerable to a malicious user gaining control of your Oracle E-Business Suite, resulting in a user rerouting invoice payments to an attacker’s bank account, leaving no trace. In the second example, a malicious user would be able to create and print forged bank checks through the Oracle EBS check printing process, with the ability to then disable and erase audit logs to hide the activity. Together, these two major vulnerabilities are dubbed the PAYDAY attack scenarios and could be detrimental to your business if you have not patched your system correctly.

Watch the videos below for more information on these attack scenarios and on patching your Oracle EBS system and keeping your organization safe and secure. Learn more by downloading our Oracle EBS PAYDAY vulnerabilities threat report.







Request a Demo from Onapsis

Ready to eliminate your SAP cyber security blindspot?

Let us show you how simple it can be to protect your business applications.

Request a demo