SAP Cyber Threat Intelligence Report – April 2018

Thursday, April 19, 2018

Alexander Polyakov

7d55c20d433dd60022642d3ab77b8efb

The SAP threat landscape is always expanding thus putting organizations of all sizes and industries at risk of cyber attacks. The idea behind the monthly SAP Cyber Threat Intelligence report is to provide an insight into the latest security vulnerabilities and threats.

Key takeaways

  • This set of SAP Security Notes consists of 16 patches with the majority of them rated medium.
  • Implementation Flaw is the most common vulnerability type.
  • A security vulnerability addressing SAP Business Client received the highest CVSS base score of 9.8 this year.

SAP Security Notes – April 2018

SAP has released the monthly critical patch update for April 2018. This patch update closes 16 SAP Security Notes (12 SAP Security Patch Day Notes and 4 Support Package Notes). 5 of all the patches are updates to previously released Security Notes.

4 of all the notes were released after the second Tuesday of the previous month and before the second Tuesday of this month.

One of the released SAP Security Notes was assessed at Hot News, and 4 have High priority rating.

The most common vulnerability type is Implementation Flaw.

SAP users are recommended to implement security patches as they are released as it helps protect the SAP landscape.

Critical issues closed by SAP Security Notes in April

The most dangerous vulnerabilities of this update can be patched with the help of the following SAP Security Notes:

  • 2622660: SAP Business Client has a security vulnerability (CVSS Base Score: 9.8). Depending on the vulnerability, attackers can exploit a Memory corruption vulnerability for injecting specially crafted code into a working memory which will be executed by the vulnerable application. This can lead to taking complete control of an application, denial of service, command execution and other attacks. This fact has a negative influence on business processes and business reputation as a result. Install this SAP Security Note to prevent the risks.
  • 2587985: SAP Business One has an Denial of Service (DOS) vulnerability (CVSS Base Score: 7.5 CVE-2017-7668). An attacker can use Denial of service vulnerability for terminating a process of a vulnerable component. For this time nobody can use this service, this fact negatively influences on a business processes, system downtime and business reputation as result. Install this SAP Security Note to prevent the risks.
  • 2552318: SAP Visual Composer has a Code Injection vulnerability (CVSS Base Score: 7.4 ). Update 1 to Security Note 2376081. Depending on the code, attackers can perform different actions: inject and run their own code, obtain additional information that must be hidden, change or delete data, modify the output of the system, create new users with higher privileges, control the behavior of the system, or can potentially escalate privileges by executing malicious code or even to perform a DOS attack. Install this SAP Security Note to prevent the risks.

Advisories for these SAP vulnerabilities with technical details will be available in three months on erpscan.com. Exploits for the most critical vulnerabilities are already available in ERPScan Security Monitoring Suite.

Possibly Related Articles:
58772
Enterprise Security CVE
SAP vulnerability SAP Security Patch Day SAP Security Notes
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.