Webinars

Onapsis Research Labs Briefing on SAP CVE-2017-12637

March 27, 2025

ON DEMAND

CISA recently updated their Known Exploited Vulnerabilities (KEV) catalog with an SAP vulnerability: CVE-2017-12637. When exploited, this vulnerability affecting SAP Netweaver AS Java application servers can enable unauthenticated threat actors to take full control of unprotected SAP systems. 

While this is a known security vulnerability that was promptly patched by SAP in 2017, Onapsis Research Labs have observed this issue being present in several environments to this day.

Onapsis Research Labs has also recently identified active exploitation via our global SAP Threat Intelligence Network, and we will be sharing our findings with the public.

And, in the meantime, check out our CVE-2017-12637 analysis blog.

Speakers

Paul Laudanski

Director, Security Research
Onapsis

Alex Horan

VP, Product Management
Onapsis

Ready to eliminate your SAP cyber security blindspot?

Let us show you how simple it can be to protect your business applications.