Up to 50.000 companies using SAP software are at great risk from hacking attacks, since security researchers have found new ways to exploit the vulnerabilities of systems that are not properly protected and have published the tools online.
The German software company SAP said it issued instructions on how to configure the 2009 and 2013 security settings correctly. However, data compiled by Onapsis security company show that 90% of affected SAP systems are not properly protected.
Because of the exploits, a hacker could steal anything in a company's SAP systems and also modify the informationi. In this way, it can run financial fraud and steal money or simply sabotage and destroy systems.
SAP always recommends it to install the required security updates to avoid such issues.
SAP software is used by more than 90% of the world's leading companies, from employee payroll to product distribution and industrial processes.
Security experts say attacks on these systems could be extremely damaging to both organizations and the victims themselves.
Sogeti's security consultant, Mathieu Geli, one of the researchers who discovered exploits, said the issue is about how SAP applications communicate with each other within a company.
If a company's security settings are not configured correctly, one hacker can cheat an application and gain full access without the need for login credentials.
SAP has stated that customer safety is a priority the presence of vulnerabilities proves that customers need to apply the necessary patches when they are released.
SAP uses PPC
as a person who did my practice there I noticed that there are enough firewalls to protect the sap where I will not mention them so the only way to complete a BOF for example is local.