Security News > 2016 > May > Attackers Targeting Critical SAP Flaw Since 2013 (Threatpost)

Attackers Targeting Critical SAP Flaw Since 2013 (Threatpost)

2016-05-11 16:37

Researchers at Onapsis and DHS CERT today published reports describing a critical SAP Invoker Servlet vulnerability that has been used to attack 36 global enterprises spanning 15 critical industries.

News URL

http://threatpost.com/attackers-targeting-critical-sap-flaw-since-2013/118013/

#critical #SAP #threatpost

Related news

New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework (source)
SAP fixes critical Netweaver flaw exploited in attacks (source)
Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324) (source)
⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More (source)
Week in review: Critical SAP NetWeaver flaw exploited, RSAC 2025 Conference (source)
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
SAP		329	25	688	386	114	1213

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.