Security & Fraud

SAP Looks To Address Risky Security Vulnerabilities

Software maker SAP announced on Tuesday (March 14) that it patched cybersecurity flaws on its HANA software product.

According to Reuters, the vulnerabilities addressed had the potential to allow hackers to have control over the databases and business applications utilized by large global firms. In many cases, cyberattacks on the software databases of these types of companies can be more lucrative for hackers.

The report confirmed that the “zero day” vulnerabilities discovered are considered to be the most critical ever found in HANA. Onapsis, the security company that identified the issues, said that the flaws were located in the “User Self Service” (USS) component of the software. From there, attackers could potentially compromise the system without even needing a username or password.

“There has not been one case where a customer who applied the recommended patches has been affected,” Siddhartha Rao, VP of product security response for SAP, said in reference to the six years he had been in his role. “We currently expect there will not be that many customers affected by these issues,” he added.

Onapsis brought the 10 HANA security vulnerabilities to SAP’s attention within the last couple of months, and executives at both companies said the software maker patched the issues in near-record time.

“SAP has done a great job by releasing fixes much faster than in past situations,” Onapsis CEO Mariano Nunez told Reuters.


Latest Insights: 

The Which Apps Do They Want Study analyzes survey data collected from 1,045 American consumers to learn how they use merchant apps to enhance in-store shopping experiences, and their interest in downloading more in the future. Our research covered consumers’ usage of in-app features like loyalty and rewards offerings and in-store navigation, helping to assess how merchants can design apps to distinguish themselves from competitors.

Click to comment


To Top