Supply chain vulnerability allows attackers to manipulate SAP transport system

Read Time:44 Second

A supply chain vulnerability in the SAP transport system that allows attackers to infiltrate the change management or software deployment process has been identified by a cybersecurity provider based in Germany. A patch has been published by SAP SE to fix the issue that threatens all SAP environments that share a single transport directory.

SAP transport system vulnerable to malicious interference

SAP software products are used by companies across the globe, with many providing critical infrastructure, food, energy, and medical supplies. The internal SAP development supply chain is used by customers to request additional functionality and in-house developments to the SAP standard, with changes provided via various staging systems of the respective SAP landscape with SAP transport requests. These requests should not be modified after they have been exported from the central transport directory and released.

To read this article in full, please click here

Friday Squid Blogging: Squid Sticker

Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe

Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers

LockBit Admins Tease a New Ransomware Version

Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns

CISA Urges Encrypted Messaging After Salt Typhoon Hack

Ransomware Attackers Target Industries with Low Downtime Tolerance

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

US Organizations Still Using Kaspersky Products Despite Ban