Six cybersecurity vulnerabilities in mission-critical SAP applications are being actively exploited by threat actors according to cybersecurity firm Onapsis. Exploitation of the flaws could result in the theft of sensitive data, financial fraud, and disruption of mission-critical systems, including malware and ransomware attacks. Researchers at Onapsis have recorded more than 300 successful attacks exploiting the flaws from mid-2020 until April 2021.

SAP systems are used by many organizations for managing critical business processes, including product lifecycle management, customer relationship management, enterprise resource planning, and supply chain management. SAP issued a warning to organizations using SAP systems on April 6, 2021 in coordination with Onapsis to alert them to the risk of attack.

Source: DZone