Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Scanning Activity Detected After Release of Exploit for Critical SAP SolMan Flaw
#1
Quote:A Russian researcher has made public on GitHub a functional exploit targeting a critical vulnerability that SAP patched in its Solution Manager product in March 2020.

Solution Manager (SolMan) was designed to provide central management for SAP and non-SAP systems and requires for Solution Manager Diagnostic Agent (SMDAgent) to be installed on each host, for the management of communications, monitoring, and diagnostics.



Tracked as CVE-2020-6207 and featuring a CVSS score of 10, the security flaw is a missing authorization check in the EEM Manager component of SolMan, which could allow an unauthenticated, remote attacker to execute operating system commands on hosts, as the SMDAgent.



The researcher who published the fully-functional exploit for the bug on GitHub claims the project is for educational purposes only, and that it “cannot be used for law violation or personal gain.”



Following the publication of the exploit, however, security researchers at Onapsis, a firm that specializes in securing SAP applications, have observed scanning in the wild for vulnerable systems.



It’s not common for proof-of-concept (PoC) exploits targeting SAP vulnerabilities to be made public, Onapsis says, adding that the availability of the code will likely result in an increase in exploitation attempts from both SAP-expert adversaries, and script kiddies.

“A successful attack exploiting this vulnerability would put an organization’s mission-critical SAP applications, business process and data at risk—impacting cybersecurity and regulatory compliance,” Onapsis notes.



Being an administrative system, SolMan “has connections and trust relationships with every SAP system throughout the landscape,” and an attacker able to compromise it would essentially gain access to any business system connected to it, the security firm warns.



Source
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  McAfee Total Security 2024 Fast Scanning Feature Update mrtrout 0 667 04-15-2024 , 05:23 AM
Last Post: mrtrout
  VMware warns of critical vRealize flaw exploited in attacks mrtrout 0 564 06-21-2023 , 02:00 AM
Last Post: mrtrout
  Google shares PoC exploit for critical Windows 10 Graphics RCE bug Bjyda 1 1,370 02-28-2021 , 05:53 AM
Last Post: Mohammad.Poorya
  Attackers scan for vulnerable VMware servers after PoC exploit release Bjyda 0 1,120 02-25-2021 , 11:54 PM
Last Post: Bjyda
  119k Threats Per Minute Detected in 2020 Bjyda 0 916 02-24-2021 , 11:45 PM
Last Post: Bjyda



Users browsing this thread: 1 Guest(s)