SAP patches second zero-day flaw exploited in recent attacks<\/title><br \/>\n <\/head><\/p>\n<p> <body><\/p>\n<header>\n<h1>SAP patches second zero-day flaw exploited in recent attacks<\/h1>\n<\/header>\n<article>\n<p>SAP, the leading global player in enterprise application software, has dispatched patches to mollify a second zero-day vulnerability that is being exploited in the wild in recent attacks.<\/p>\n<p>These attacks are specifically designed to affect SAP NetWeaver Application Servers.<\/p>\n<p>The vulnerability, akin in significance to its forerunner, had been witnessed exploited in tandem with the first zero-day, enabling attackers with devastating access.<\/p>\n<p>While the first vulnerability allowed an attacker to execute arbitrary OS commands, the second vulnerability permitted escalation of privileges.<\/p>\n<h2>Vulnerability Details<\/h2>\n<p>Onapsis, a renowned expert in SAP and Oracle application cybersecurity, extensively detailed the vulnerabilities (CVE-2020-6287 and CVE-2020-6207) in its report.<\/p>\n<p>According to the report, both vulnerabilities constitute a part of the adversary’s armament, enabling compromise of SAP systems to ransom or exfiltrate sensitive information.<\/p>\n<p>SAP’s disclosure signifies an increasing trend of sophisticated, targeted attacks manifesting in the wild.<\/p>\n<p>Cybersecurity professionals grapple with these challenges while maintaining the security posture of the organisations they represent.<\/p>\n<h2>Patching – A Critical Component<\/h2>\n<p>Espotting these vulnerabilities and promptly patching them is crucial for safeguarding enterprise systems.<\/p>\n<p>SAP, having discovered the vulnerabilities through Onapsis, promptly released patches.<\/p>\n<p>It further underscores the importance of regular patching in mitigating potential risks and safeguarding sensitive systems and data in the landscape of dynamic threat.<\/p>\n<p>Therefore, all organisations utilising SAP NetWeaver Application Servers are strongly advised to apply these patches as speedily as possible to avoid potential security threats.<\/p>\n<p>This attention to increasingly complex attacks represents a crucial player in corporate cybersecurity strategy.<\/p>\n<h2>Conclusion<\/h2>\n<p>In conclusion, the accelerated digital transformation brought on by the pandemic, coupled with the rise in targeted, advanced cyber threats, necessitates a collective, proactive approach to cybersecurity.<\/p>\n<p>SAP’s action to release patches for these vulnerabilities is a step in the right direction, striking a balance between constant innovation and secure practices.<\/p>\n<p> <b>Follow-Up Reading:<\/b><\/p>\n<ul>\n<li><a href=\"LINK to Other SAP vulnerabilities\" target=\"blank\">Exploring Other SAP Vulnerabilities<\/a><\/li>\n<li><a href=\"LINK to Patch Management Best Practices\" target=\"blank\">Patch Management Best Practices<\/a><\/li>\n<li><a href=\"LINK to Importance of Cybersecurity in corporate strategy\" target=\"blank\">The Importance of Cybersecurity in Corporate Strategy<\/a><\/li>\n<\/ul>\n<\/article>\n<footer>\n<p>Author: Cybersecurity Expert Journalist<\/p>\n<\/footer>\n<p> <\/body><br \/>\n<\/html><br \/>\n“`<\/p>\n","protected":false},"excerpt":{"rendered":"<p>“`HTML SAP patches second zero-day flaw exploited in recent attacks SAP patches second zero-day flaw<\/p>\n","protected":false},"author":1,"featured_media":3242,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"pmpro_default_level":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2,5],"tags":[],"class_list":["post-3241","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-news","pmpro-has-access"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3241","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/comments?post=3241"}],"version-history":[{"count":1,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3241\/revisions"}],"predecessor-version":[{"id":3411,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3241\/revisions\/3411"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media\/3242"}],"wp:attachment":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media?parent=3241"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/categories?post=3241"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/tags?post=3241"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":3241,"date":"2025-05-14T08:42:14","date_gmt":"2025-05-14T07:42:14","guid":{"rendered":"https:\/\/aegislens.com\/home\/?p=3241"},"modified":"2025-05-14T08:42:14","modified_gmt":"2025-05-14T07:42:14","slug":"new-updates-sap-rectifies-second-vulnerability-leveraged-in-recent-cyber-attacks","status":"publish","type":"post","link":"https:\/\/aegislens.com\/home\/new-updates-sap-rectifies-second-vulnerability-leveraged-in-recent-cyber-attacks\/","title":{"rendered":"New Updates: SAP Rectifies Second Vulnerability Leveraged in Recent Cyber Attacks"},"content":{"rendered":"

“`HTML
\n
\n
\n
\n SAP patches second zero-day flaw exploited in recent attacks<\/title><br \/>\n <\/head><\/p>\n<p> <body><\/p>\n<header>\n<h1>SAP patches second zero-day flaw exploited in recent attacks<\/h1>\n<\/header>\n<article>\n<p>SAP, the leading global player in enterprise application software, has dispatched patches to mollify a second zero-day vulnerability that is being exploited in the wild in recent attacks.<\/p>\n<p>These attacks are specifically designed to affect SAP NetWeaver Application Servers.<\/p>\n<p>The vulnerability, akin in significance to its forerunner, had been witnessed exploited in tandem with the first zero-day, enabling attackers with devastating access.<\/p>\n<p>While the first vulnerability allowed an attacker to execute arbitrary OS commands, the second vulnerability permitted escalation of privileges.<\/p>\n<h2>Vulnerability Details<\/h2>\n<p>Onapsis, a renowned expert in SAP and Oracle application cybersecurity, extensively detailed the vulnerabilities (CVE-2020-6287 and CVE-2020-6207) in its report.<\/p>\n<p>According to the report, both vulnerabilities constitute a part of the adversary’s armament, enabling compromise of SAP systems to ransom or exfiltrate sensitive information.<\/p>\n<p>SAP’s disclosure signifies an increasing trend of sophisticated, targeted attacks manifesting in the wild.<\/p>\n<p>Cybersecurity professionals grapple with these challenges while maintaining the security posture of the organisations they represent.<\/p>\n<h2>Patching – A Critical Component<\/h2>\n<p>Espotting these vulnerabilities and promptly patching them is crucial for safeguarding enterprise systems.<\/p>\n<p>SAP, having discovered the vulnerabilities through Onapsis, promptly released patches.<\/p>\n<p>It further underscores the importance of regular patching in mitigating potential risks and safeguarding sensitive systems and data in the landscape of dynamic threat.<\/p>\n<p>Therefore, all organisations utilising SAP NetWeaver Application Servers are strongly advised to apply these patches as speedily as possible to avoid potential security threats.<\/p>\n<p>This attention to increasingly complex attacks represents a crucial player in corporate cybersecurity strategy.<\/p>\n<h2>Conclusion<\/h2>\n<p>In conclusion, the accelerated digital transformation brought on by the pandemic, coupled with the rise in targeted, advanced cyber threats, necessitates a collective, proactive approach to cybersecurity.<\/p>\n<p>SAP’s action to release patches for these vulnerabilities is a step in the right direction, striking a balance between constant innovation and secure practices.<\/p>\n<p> <b>Follow-Up Reading:<\/b><\/p>\n<ul>\n<li><a href=\"LINK to Other SAP vulnerabilities\" target=\"blank\">Exploring Other SAP Vulnerabilities<\/a><\/li>\n<li><a href=\"LINK to Patch Management Best Practices\" target=\"blank\">Patch Management Best Practices<\/a><\/li>\n<li><a href=\"LINK to Importance of Cybersecurity in corporate strategy\" target=\"blank\">The Importance of Cybersecurity in Corporate Strategy<\/a><\/li>\n<\/ul>\n<\/article>\n<footer>\n<p>Author: Cybersecurity Expert Journalist<\/p>\n<\/footer>\n<p> <\/body><br \/>\n<\/html><br \/>\n“`<\/p>\n","protected":false},"excerpt":{"rendered":"<p>“`HTML SAP patches second zero-day flaw exploited in recent attacks SAP patches second zero-day flaw<\/p>\n","protected":false},"author":1,"featured_media":3242,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"pmpro_default_level":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2,5],"tags":[],"class_list":["post-3241","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-news","pmpro-has-access"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3241","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/comments?post=3241"}],"version-history":[{"count":1,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3241\/revisions"}],"predecessor-version":[{"id":3411,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3241\/revisions\/3411"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media\/3242"}],"wp:attachment":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media?parent=3241"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/categories?post=3241"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/tags?post=3241"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}