Security News > 2021 > January > Scanning Activity Detected After Release of Exploit for Critical SAP SolMan Flaw

Scanning Activity Detected After Release of Exploit for Critical SAP SolMan Flaw
2021-01-21 04:52

A Russian researcher has made public on GitHub a functional exploit targeting a critical vulnerability that SAP patched in its Solution Manager product in March 2020.

Tracked as CVE-2020-6207 and featuring a CVSS score of 10, the security flaw is a missing authorization check in the EEM Manager component of SolMan, which could allow an unauthenticated, remote attacker to execute operating system commands on hosts, as the SMDAgent.

Following the publication of the exploit security researchers at Onapsis, a firm that specializes in securing SAP applications, have observed scanning in the wild for vulnerable systems.

Being an administrative system, SolMan "Has connections and trust relationships with every SAP system throughout the landscape," and an attacker able to compromise it would essentially gain access to any business system connected to it, the security firm warns.

Attackers looking to exploit the vulnerability need access to the SolMan HTTP(s) port.

"An attacker will need network visibility to SolMan as this system is not frequently exposed to the Internet. So for most companies, risk of this exploit should be mostly limited to internal attacks (unless external attackers have already compromised another system and are inside the network," Onapsis explains.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/OIDodCW_DIA/scanning-activity-detected-after-release-exploit-critical-sap-solman-flaw

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-03-10 CVE-2020-6207 Missing Authentication for Critical Function vulnerability in SAP Solution Manager 7.20
SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager.
network
low complexity
sap CWE-306
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
SAP 329 25 680 386 113 1204