
Critical SAP SolMan vulnerability: attackers have begun probing for vulnerable SAP systems.

Automated probes for servers containing a severe vulnerability in SAP software have been detected a week after a working exploit was published online. 

The vulnerability, tracked as CVE-2020-6207, is a bug in SAP Solution Manager (SolMan), version 7.2. 

The vulnerability has been awarded a CVSS base score of 10.0 -- the highest severity rating available -- and is caused by a missing authentication check.

SolMan's End User Experience Monitoring (EEM) function contained the authentication issue. EEM can be used to deploy scripts on other systems, so compromising EEM can lead to the hijack of "every system" connected to SolMan through remote code execution (RCE).
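To make the flaw class concrete, the following added example (constructed for this post, not SAP's code, and not a model of SolMan's real API) contrasts a request handler that performs a privileged "deploy script" action without checking the caller's session against a hardened handler that enforces authentication before any dispatch. The path `/eem/deploy`, the session tokens and the audit trail are all invented placeholders.

```python
"""Illustrates a missing-authentication-check bug in an administrative endpoint.

Constructed example: the path, session store and handler names are placeholders
and do not describe SAP Solution Manager's actual implementation.
"""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Request:
    path: str
    session_token: Optional[str] = None   # None models an anonymous caller
    body: dict = field(default_factory=dict)


# Constructed session store: token -> user name.
VALID_SESSIONS = {"tok-admin-1": "solman_admin"}


def deploy_script(target: str, script: str, audit: list) -> str:
    """Privileged action: pretend to push a script to a managed system.

    In a real system this is where code runs on every connected host, which is
    why reaching it anonymously is equivalent to remote code execution.
    """
    audit.append(f"deployed to {target}: {script!r}")
    return f"deployed to {target}"


def vulnerable_handler(req: Request, audit: list) -> tuple:
    """Bug: the privileged action is reachable without any session check."""
    if req.path == "/eem/deploy":
        return 200, deploy_script(req.body["target"], req.body["script"], audit)
    return 404, "not found"


def hardened_handler(req: Request, audit: list) -> tuple:
    """Fix: authenticate once, before dispatch, so no action can be reached
    anonymously even if a future action forgets its own check."""
    user = VALID_SESSIONS.get(req.session_token) if req.session_token else None
    if user is None:
        audit.append(f"rejected unauthenticated request to {req.path}")
        return 401, "authentication required"
    if req.path == "/eem/deploy":
        return 200, deploy_script(req.body["target"], req.body["script"], audit)
    return 404, "not found"


def demo() -> dict:
    """Run the same anonymous request through both handlers and report."""
    anon = Request("/eem/deploy", body={"target": "erp-prod-01", "script": "echo hi"})
    vuln_audit, hard_audit = [], []
    return {
        "vulnerable": vulnerable_handler(anon, vuln_audit)[0],
        "hardened": hardened_handler(anon, hard_audit)[0],
        "vulnerable_audit": vuln_audit,
        "hardened_audit": hard_audit,
    }


if __name__ == "__main__":
    print(demo())
```

The point of the hardened form is structural: the check lives in front of the dispatcher rather than inside each action, so the audit log records the rejected anonymous request and the privileged action is never reached.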

SAP issued a patch for CVE-2020-6207 in March 2020 (SAP Security Note #2890213). However, for any servers left unpatched, there is now a heightened risk of compromise following the public release of working proof-of-concept (PoC) exploit code.

Last week, Dmitry Chastuhin released a PoC for CVE-2020-6207 as a project for educational purposes. The security researcher said the script "check[s] and exploit[s] missing authentication checks in SAP EEM servlet."

If enterprise IT staff have applied the patch, there is no need for concern. However, if the security fix is yet to be implemented and SolMan setups are exposed online, the creation of automated exploit tools should spur admins on to resolve the security flaw as quickly as possible.

References to Advisories

- SAP Security Note #2890213: https://launchpad.support.sap.com/#/notes/2890213
- SAP Community wiki page: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305


