» » SAP Patches High-Severity Flaws in Business One, BusinessObjects, GRC

SAP Patches High-Severity Flaws in Business One, BusinessObjects, GRC

SAP Patches High-Severity Flaws in Business One, BusinessObjects, GRC

Dwelling › Vulnerabilities

SAP Patches Excessive-Severity Flaws in Enterprise One, BusinessObjects, GRC

By Ionut Arghire on September 15, 2022

Tweet

German software program maker SAP this week introduced the discharge of eight new and 5 up to date safety notes as a part of its September 2022 Safety Patch Day.

Crucial of the newly launched safety notes offers with a high-severity vulnerability in Enterprise One that might result in escalation of privileges.

Tracked as CVE-2022-35292 (CVSS rating of seven.8), the problem is described as an unquoted service path vulnerability.

Due to this challenge, if an execution path is supplied with out quotes, an attacker with write privileges to sub-directories within the path might place malicious executable information in these directories, which will likely be executed as a substitute of the supposed executable.

“An unquoted service path vulnerability may be exploited to execute an arbitrary binary file when the weak service begins, which might permit it to escalate privileges to SYSTEM,” enterprise software safety agency Onapsis explains.

SAP additionally addressed a high-severity vulnerability in BusinessObjects (CVE-2022-39014, CVSS rating of seven.7), which might present an attacker with entry to unencrypted delicate data.

Impacting SAP GRC, the third high-severity flaw that SAP resolved this month might be exploited by an authenticated attacker to entry a Firefighter session even after it has been closed in Firefighter Logon Pad. The difficulty is tracked as CVE-2022-39801 (CVSS rating of seven.1).

The entire 5 remaining new safety notes launched on SAP’s September 2022 Safety Patch Day are rated ‘medium severity’. They affect BusinessObjects, NetWeaver Enterprise Portal, NetWeaver AS ABAP, and NetWeaver Utility Server ABAP.

Crucial of the 5 up to date safety notes is a hot-news word coping with the Chromium-based browser in SAP Enterprise Shopper, which is periodically up to date.

This month, SAP additionally up to date high-priority notes coping with vulnerabilities in Information Warehouse, SuccessFactors, and BusinessObjects.

Associated: SAP Patches Data Disclosure Vulnerabilities in BusinessObjects

Associated: SAP Patches Excessive-Severity Vulnerabilities in Enterprise One Product

Associated: SAP Patches Excessive-Severity NetWeaver Vulnerabilities

Get the Every day Briefing

 
 
 

  • Most Current
  • Most Learn
  • Rust Will get a Devoted Safety Crew
  • US, UK, Canada and Australia Hyperlink Iranian Authorities Company to Ransomware Assaults
  • Information Safety Agency Fortanix Raises $90M Collection C
  • 2022 CISO Discussion board: All Periods on Demand
  • EU Desires to Toughen Cybersecurity Guidelines for Sensible Gadgets
  • OneLayer Raises $6.5 Million From Koch’s VC Arm
  • FBI Warns of Cyberattacks Focusing on Healthcare Cost Processors
  • Dope.safety Emerges From Stealth With New Strategy to Safe Net Gateways
  • Chrome 105 Replace Patches Excessive-Severity Vulnerabilities
  • US Authorities Desires Safety Ensures From Software program Distributors

Searching for Malware in All of the Incorrect Locations?

First Step For The Web’s subsequent 25 years: Including Safety to the DNS

Tattle Story: What Your Pc Says About You

Be in a Place to Act Via Cyber Situational Consciousness

Report Exhibits Closely Regulated Industries Letting Social Networking Apps Run Rampant

2010, A Nice Yr To Be a Scammer.

Do not Let DNS be Your Single Level of Failure

Establish Malware in a Blink

Defining and Debating Cyber Warfare

The 5 A’s that Make Cybercrime so Enticing

Defend In opposition to DDoS Assaults

Safety Budgets Not in Line with Threats

Anycast – Three Causes Why Your DNS Community Ought to Use It

The Evolution of the Prolonged Enterprise: Safety Methods for Ahead Considering Organizations

Utilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise

author-Orbit Brain
Orbit Brain
Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy ways
and much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.

Cyber Security News Related Articles