New Updates: SAP Rectifies Second Vulnerability Leveraged in Recent Cyber Attacks
“`HTML
SAP patches second zero-day flaw exploited in recent attacks
SAP, the leading global player in enterprise application software, has dispatched patches to mollify a second zero-day vulnerability that is being exploited in the wild in recent attacks.
These attacks are specifically designed to affect SAP NetWeaver Application Servers.
The vulnerability, akin in significance to its forerunner, had been witnessed exploited in tandem with the first zero-day, enabling attackers with devastating access.
While the first vulnerability allowed an attacker to execute arbitrary OS commands, the second vulnerability permitted escalation of privileges.
Vulnerability Details
Onapsis, a renowned expert in SAP and Oracle application cybersecurity, extensively detailed the vulnerabilities (CVE-2020-6287 and CVE-2020-6207) in its report.
According to the report, both vulnerabilities constitute a part of the adversary’s armament, enabling compromise of SAP systems to ransom or exfiltrate sensitive information.
SAP’s disclosure signifies an increasing trend of sophisticated, targeted attacks manifesting in the wild.
Cybersecurity professionals grapple with these challenges while maintaining the security posture of the organisations they represent.
Patching – A Critical Component
Espotting these vulnerabilities and promptly patching them is crucial for safeguarding enterprise systems.
SAP, having discovered the vulnerabilities through Onapsis, promptly released patches.
It further underscores the importance of regular patching in mitigating potential risks and safeguarding sensitive systems and data in the landscape of dynamic threat.
Therefore, all organisations utilising SAP NetWeaver Application Servers are strongly advised to apply these patches as speedily as possible to avoid potential security threats.
This attention to increasingly complex attacks represents a crucial player in corporate cybersecurity strategy.
Conclusion
In conclusion, the accelerated digital transformation brought on by the pandemic, coupled with the rise in targeted, advanced cyber threats, necessitates a collective, proactive approach to cybersecurity.
SAP’s action to release patches for these vulnerabilities is a step in the right direction, striking a balance between constant innovation and secure practices.
Follow-Up Reading:
“`
