Security News > 2021 > June > SAP Patches Critical Vulnerabilities in NetWeaver
German software maker SAP this week released 17 new security notes documenting security vulnerabilities being fixed as part of the company's June 2021 SAP Security Patch Day.
SAP NetWeaver received the largest number of patches with a total of 10 security notes documenting and resolving vulnerabilities.
The most important of the new notes addresses an improper authentication vulnerability in NetWeaver ABAP Server and ABAP Platform.
The issue exists because an ABAP server could not correctly identify if communication via RFC or HTTP is between the application servers of the same SAP system or with servers outside the same system.
Three other security notes patch ten memory corruption flaws in NetWeaver ABAP Server and ABAP Platform.
All of the remaining security notes released on SAP's June 2021 Security Patch Day address medium risk vulnerabilities.
News URL
Related news
- GitLab patches critical authentication bypass vulnerabilities (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- OpenAI now pays researchers $100,000 for critical vulnerabilities (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered (source)
- New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework (source)
- SAP fixes critical Netweaver flaw exploited in attacks (source)
- Most critical vulnerabilities aren’t worth your attention (source)
- Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324) (source)
- ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More (source)