50,000 SAP customers are currently vulnerable to hacks due to software misconfiguration

The vulnerabilities could be prevented if customers simply followed guidance set by SAP more than five years ago

Blue SAP sign

Up to 50,000 businesses that use SAP software are at risk of becoming victim to a cyber attack due to misconfigured software, according to research.

The new critical exploits discovered by cyber security firm Onapsis on 23 April and dubbed '10KBLAZE' would allow a hacker to abuse a misconfiguration in SAPNetWeaver installations as well as S4/HANA to assume complete control of a system without the need for a valid SAP user ID and password.

The company said that after a 10-year examination of publicly available information, 90% of the 1,000,000 SAP systems that are live right now are running the potentially vulnerable equipment.

SAP released guidance to its customers in 2009 and 2013 which outlined how to properly configure the SAP software to protect against security vulnerabilities. But the latest report shows how many businesses have taken these security warnings with a grain of salt.

"The onus is on service providers and customers to implement, enforce and monitor tighter security controls on the systems," said Mariano Nunez, CEO and co-founder, Onapsis. "This can be very challenging and take significant resources, but the stakes are simply too high not to make the suggested configuration changes."

SAP is a global powerhouse in software development and its products are relied upon by many of the world's leading businesses. Up to 90% of the world's top 2,000 businesses use SAP software to some degree in their infrastructure.

SAP customers collectively distribute 78% of the world's food and 82% of the world's medical devices, according to the company's website. Attacks on these companies could prove to be catastrophic to the global supply chain.

"With these exploits, a hacker could steal anything that sits on a company's SAP systems and also modify any information there - so he can perform financial fraud, withdraw money, or just plainly sabotage and disrupt the systems," Nunez told Reuters.

"SAP is aware of recent reports about vulnerabilities in SAP Gateway and Message Server, however, these have been patched by SAP a few years ago," said an SAP spokesperson. "Security notes 821875,1408081 and 1421005 released in 2009 and 2013 will protect the customer from these exploits. As always, we strongly advise our customers to apply these security notes immediately and ensure secure configuration of their SAP landscape."

SAP has reported strong growth this year after its Q4 report released in January revealed a 9% revenue growth, primarily attributed to the company's SaaS offerings as legacy products dwindled.

Featured Resources

Security analytics for your multi-cloud deployments

IBM Security QRadar SIEM solution brief

Download now

Five reasons to move to the cloud

Join the enterprises moving their workloads to the cloud

Download now

Architecting hybrid IT and edge for digital advantage

Why business leaders should consider a hybrid IT strategy

Download now

Six reasons to accelerate remote asset monitoring with AI

How to optimise resources, increase productivity, and grow profit margins with AI

Download now

Recommended

Lazarus APT hacking group is targeting the defense industry
Security

Lazarus APT hacking group is targeting the defense industry

26 Feb 2021
Microsoft open sources CodeQL queries used in Solorigate inquiry
Security

Microsoft open sources CodeQL queries used in Solorigate inquiry

26 Feb 2021
CISA warns of ongoing Accellion File Transfer Appliance attacks
hacking

CISA warns of ongoing Accellion File Transfer Appliance attacks

25 Feb 2021
What is a Trojan?
Security

What is a Trojan?

25 Feb 2021

Most Popular

How to build a CMS with React and Google Sheets
content management system (CMS)

How to build a CMS with React and Google Sheets

24 Feb 2021
Oxford University COVID lab falls victim to hackers
hacking

Oxford University COVID lab falls victim to hackers

26 Feb 2021
Npower shuts down app after hackers steal user data
hacking

Npower shuts down app after hackers steal user data

25 Feb 2021