Workarounds for SAP Security Notes
Corrections for Common Vulnerabilities and Exposures (CVEs) impacting SAP solutions are delivered via patch day notes and support packages released through the SAP Support Portal. In most cases, the corrections include automated fixes that are applied as updates or upgrades for impacted software components. Applying the automated fixes is the preferred method for addressing SAP […]
What’s New in the Cybersecurity Extension for SAP, Version 5.3
The new release of the Cybersecurity Extension for SAP (CES) is generally available and includes several important enhancements for SAP vulnerability management and threat detection. Version 5.3 includes patterns for detecting indicators of compromise in the SAP Cloud Connector. The Connector is an agent that links SAP BTP applications with on-premise SAP systems. As […]
SAP Vulnerability Actively Exploited by Ransomware Groups and Threat Actors
CVE-2025-31324 for the zero-day vulnerability in SAP NetWeaver was officially added to the Known Exploited Vulnerabilities (KEV) catalog by the United States Cybersecurity and Infrastructure Security Agency (CISA) on April 29. CVE-2025-42999 was also added to the KEV catalog on May 15. Both CVEs address critical vulnerabilities in the Visual Composer framework in SAP NetWeaver […]
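As an added example (not code from this page or from the CES product), the script below shows how a practitioner would map a CISA KEV feed onto an SAP landscape: filter the feed to SAP entries, match the coarse KEV product string against installed products, and compute how far each entry is from its remediation due date. The feed shape follows the public KEV JSON schema (a top-level "vulnerabilities" list with cveID, vendorProject, product, dateAdded, dueDate and knownRansomwareCampaignUse). The two CVE IDs and their dateAdded values are the ones named above; the due dates, the ransomware flags, the non-SAP placeholder entry and the installed-product inventory are constructed for the example.

```python
import json
from datetime import date, datetime

# Constructed sample in the shape of the CISA KEV JSON feed. The SAP CVE IDs and
# their dateAdded values are those named in the text; every other field value
# here is illustrative and not copied from the real catalog.
SAMPLE_KEV_JSON = json.dumps({
    "title": "constructed KEV-style sample",
    "vulnerabilities": [
        {"cveID": "CVE-2025-31324", "vendorProject": "SAP", "product": "NetWeaver",
         "dateAdded": "2025-04-29", "dueDate": "2025-05-20",
         "knownRansomwareCampaignUse": "Known"},
        {"cveID": "CVE-2025-42999", "vendorProject": "SAP", "product": "NetWeaver",
         "dateAdded": "2025-05-15", "dueDate": "2025-06-05",
         "knownRansomwareCampaignUse": "Unknown"},
        # Placeholder non-SAP entry so the vendor filter has something to drop.
        {"cveID": "CVE-0000-00000", "vendorProject": "Other Vendor",
         "product": "Other Product", "dateAdded": "2025-05-01",
         "dueDate": "2025-05-22", "knownRansomwareCampaignUse": "Unknown"},
    ],
})


def load_kev(feed_json: str) -> list[dict]:
    """Parse a KEV-format feed; the real CISA feed uses the same top-level key."""
    return json.loads(feed_json)["vulnerabilities"]


def kev_for_landscape(entries: list[dict], installed_products: set[str],
                      today_iso: str) -> list[dict]:
    """Return KEV entries for SAP products present in the landscape, most urgent first.

    Matching is vendorProject == "SAP" plus a case-insensitive substring match of
    the KEV product string against the installed product names. KEV product names
    are coarse ("NetWeaver"), so a hit means "check the referenced SAP security
    note against this system's component and support package levels", not
    "this system is confirmed vulnerable".
    """
    today = date.fromisoformat(today_iso)
    wanted = {p.lower() for p in installed_products}
    hits = []
    for e in entries:
        if e.get("vendorProject", "").strip().lower() != "sap":
            continue
        product = e.get("product", "").lower()
        if not any(w in product or product in w for w in wanted):
            continue
        due = datetime.strptime(e["dueDate"], "%Y-%m-%d").date()
        hits.append({
            "cveID": e["cveID"],
            "product": e["product"],
            "dateAdded": e["dateAdded"],
            "days_until_due": (due - today).days,   # negative means overdue
            "ransomware": e.get("knownRansomwareCampaignUse", "").lower() == "known",
        })
    # Overdue entries (most negative) sort first; ties broken by CVE ID.
    return sorted(hits, key=lambda h: (h["days_until_due"], h["cveID"]))


def overdue_ids(report: list[dict]) -> list[str]:
    """CVE IDs in the report whose KEV due date has already passed."""
    return [h["cveID"] for h in report if h["days_until_due"] < 0]


if __name__ == "__main__":
    # Constructed inventory: one NetWeaver landscape, evaluated on 2025-05-30.
    report = kev_for_landscape(load_kev(SAMPLE_KEV_JSON), {"NetWeaver"}, "2025-05-30")
    for h in report:
        flag = " [ransomware use known]" if h["ransomware"] else ""
        print(f"{h['cveID']}: {h['product']} added {h['dateAdded']}, "
              f"due in {h['days_until_due']} days{flag}")
    print("overdue:", overdue_ids(report))
```

In practice the feed is the JSON CISA publishes, and the inventory would come from the system's component list (for example, the data System Recommendations or Maintenance Planner already hold). The KEV due dates bind US federal agencies, but they are a useful external deadline for anyone prioritising SAP security notes, and the ransomware flag is the signal that justifies pulling a note forward from the normal patch cycle.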
SAP Zero Day Vulnerability CVE-2025-31324 / Security Note 3594142
On April 22, ReliaQuest released details of a zero-day vulnerability that the company discovered during investigations into customer incidents involving the upload and execution of malicious files in SAP NetWeaver Java systems. According to the findings of the investigation, threat actors were able to take full control of the target systems by exploiting a vulnerability […]
The 24-Month Rule for SAP Security Patching
Regular patching is critical for protecting SAP software against security vulnerabilities. Security weaknesses are discovered by SAP through internal testing and testing performed by external researchers. The latter disclose vulnerabilities directly to the SAP Product Security Response Team and through the official SAP bug bounty program. Once a vulnerability is identified or reported, it is […]
The Most Critical SAP Security Notes of 2024
Security notes are released by SAP on the second Tuesday of every month to address vulnerabilities in SAP solutions. The vulnerabilities are discovered by external security researchers and reported as part of SAP’s disclosure program. They are also discovered directly by SAP through its ongoing research and testing. Security notes are scored by SAP using […]
Security Patching for SAP Solutions
The risk of unpatched systems is consistently reported as one of the top three threats to SAP systems in every survey of SAP customers performed by SAPinsider since 2021. Regularly implementing SAP security notes is reported as the most significant action performed by organizations to secure their SAP solutions. Security notes include corrections for […]
Analyzing Security Notes with SAP Maintenance Planner
Maintenance Planner is a cloud solution from SAP that supports the planning and administration of systems in SAP landscapes. It is the successor to Maintenance Optimizer and Landscape Planner and consolidates and simplifies tasks such as system installation, updates, upgrades and conversions. Maintenance Planner is hosted on the SAP Support Portal. It maintains an inventory […]
30 Percent of Security Notes in System Recommendations are False Positives
System Recommendations (SysRec) in SAP Solution Manager automatically calculates relevant security notes for SAP systems based on the available software and application components in each system. It provides a cross-system view for required notes using a customizable, user-friendly interface. The use of SysRec is recommended by SAP for the lifecycle management of notes. It connects […]
Security Advisory for Critical SAP ICMAD Vulnerabilities
International threat intelligence agencies including the U.S. Cybersecurity & Infrastructure Security Agency (CISA) and the Computer Emergency Response Team for the EU (CERT-EU) issued security advisories last week for critical vulnerabilities in the SAP Internet Communication Manager (ICM). The ICM supports inbound and outbound communication with SAP systems using the HTTP(S) protocol. It is a […]