Authors Gaurav Singh and Juan Perez-Etchegoyen recently took part in the SAP PRESS Book Club webinar series, where they answered reader questions about cybersecurity for SAP over the course of an hour.| Onapsis
By exploiting these vulnerabilities, unauthenticated threat actors can gain unrestricted remote access to SAP business-critical data and The post Executive Threat Overview: Critical Zero-Day SAP Vulnerabilities Under Active Global Exploitation appeared first on Onapsis.| Onapsis
This consolidated threat advisory [TLP:CLEAR] is provided to support defenders in their assessment of exposure and compromise against the active mass exploitation of SAP security vulnerabilities CVE-2025-31324 and CVE-2025-42999.| Onapsis
Discover key insights, gain actionable advice, and empower your organization to navigate the cloud securely during this conversation with industry experts from Onapsis and Capgemini. Join us for an educational conversation where we delve into the world of SAP security in the cloud. As enterprises increasingly migrate their SAP systems to the cloud, it becomes […]| Onapsis
Active exploitation against a zero-day vulnerability in SAP systems in the wild. Evidence of active attacks against this vulnerability has been observed by ReliaQuest, Onapsis Threat Intelligence, and confirmed by multiple IR firms in recent active investigations. SAP published an emergency security patch on April 24, 2025 to address this issue. The vulnerability is of […]| Onapsis
SAP defenders were briefed on an active exploitation campaign targeting a critical CVSS 10.0 vulnerability (CVE-2025-31324). The attack campaign was executed against SAP systems around the world. Thanks to rapid response from SAP, a security patch was released quickly. However, the ongoing impact of this orchestrated attack campaign remains far-reaching and the threat of further […]| Onapsis
Onapsis in collaboration with Mandiant invites you to a webinar to discuss the current state of the attack campaign for CVE-2025-31324| Onapsis
CISA recently updated their Known Exploited Vulnerabilities (KEV) catalog with an SAP vulnerability: CVE-2017-12637. When exploited, this vulnerability affecting SAP Netweaver AS Java application servers can enable unauthenticated threat actors to take full control of unprotected SAP systems. While this is a known security vulnerability that was promptly patched by SAP in 2017, Onapsis Research […]| Onapsis
Sichere SAP-Lösungen für Logistik und Produktion mit RISE und BTP Ein Webinar im Rahmen der 20. IT-Onlinekonferenz: Produktions- und Logistikprozesse mit SAP – Die führende Konferenz für SAP-gestützte Produktion und Logistik. Die digitale Transformation in Produktion und Logistik, angetrieben durch SAP RISE und die SAP Business Technology Platform (BTP), eröffnet Unternehmen neue Möglichkeiten zur Prozessoptimierung. […]| Onapsis
