{"id":40319,"date":"2021-04-06T13:12:00","date_gmt":"2021-04-06T13:12:00","guid":{"rendered":"http:\/\/f21cc84a-b7dd-4cdf-b45b-afddf5868974"},"modified":"2021-04-06T13:12:00","modified_gmt":"2021-04-06T13:12:00","slug":"sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/","title":{"rendered":"SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.zdnet.com\/a\/hub\/i\/r\/2021\/04\/01\/8848aa00-42db-4092-9f2a-71b90da6922a\/thumbnail\/770x578\/42551c5e597c29ad28038870401c5bca\/screenshot-2021-04-01-at-09-56-26.png\" class=\"ff-og-image-inserted\"><\/div>\n<p>Researchers have warned that critical vulnerabilities in unpatched SAP applications are being widely exploited by cyberattackers worldwide.&nbsp; <\/p>\n<p>On Tuesday, SAP and Onapsis jointly <a href=\"https:\/\/onapsis.com\/active-cyberattacks-mission-critical-sap-applications\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">released a report<\/a> on the activities, in which security flaws with CVSS severity scores of up to 10, the highest possible, are being weaponized.&nbsp; <\/p>\n<p>SAP applications are used by an estimated 400,000 enterprise organizations worldwide. While SAP is not aware of any direct customer-related breaches due to these activities, both the vendor and Onapsis say that there were at least 1,500 SAP application-related attack attempts tracked between June 2020 and March 2021, and at least 300 were successful.&nbsp; <\/p>\n<p>The joint report says that enterprise resource planning, customer relationship management software, and supply chain systems &#8212; among others &#8212; are being targeted.&nbsp; <\/p>\n<p>SAP issues security fixes for its products on a monthly basis, alongside organizations including Microsoft and Adobe.&nbsp; <\/p>\n<p>However, the companies say that the critical issues being exploited are not being fixed by customers &#8212; and in some cases, vulnerable, internet-facing SAP applications are laden with bugs that remained unpatched for months, or even years.&nbsp; <\/p>\n<p>Six vulnerabilities, in particular, are noted in the report as being actively exploited: <\/p>\n<h3><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-6287\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">CVE-2020-6287<\/a>: CVSS: 10&nbsp; <\/h3>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_zd_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\"> <\/section>\n<p>Also known as RECON, this remotely exploitable bug in SAP NetWeaver\/Java was caused by a failed authentication check. No privileges are required and upon exploit, this vulnerability leads to the creation of admin accounts and full system hijacking.&nbsp; <\/p>\n<p>A patch was issued on July 14, 2020, but Onapsis says attack activity utilizing this bug continues today.&nbsp; <\/p>\n<h3><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-6207\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">CVE-2020-6207<\/a>: CVSS 10&nbsp;<\/h3>\n<p>Impacting SAP Solution Manager (SolMan) version 7.2, this <a href=\"https:\/\/www.zdnet.com\/article\/automated-exploit-of-critical-sap-solman-vulnerability-detected-in-the-wild\/\" target=\"_blank\" rel=\"noopener noreferrer\">critical flaw<\/a> permits attackers to obtain full administrative control over the hub of an organization&#8217;s SAP setup.&nbsp; <\/p>\n<p>Proof-of-Concept (PoC) code was released for the security flaw following a patch issued by SAP on March 10, 2020. Exploit attempts have &#8220;increased significantly&#8221; since the release of the working PoC exploit code.<\/p>\n<h3><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-2380\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">CVE-2018-2380<\/a>: CVSS 6.6<\/h3>\n<p>This older vulnerability impacts the vendor&#8217;s SAP NetWeaver-based CRM solution and can be triggered to perform privilege escalation and to execute commands, eventually allowing for lateral movement through a corporate network. A patch was released on March 1, 2018.&nbsp; <\/p>\n<h3><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-9563\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">CVE-2016-9563<\/a>: CVSS 6.4<\/h3>\n<p>Patched in August 2016, this vulnerability impacts a component in SAP NetWeaver\/JAVA version 7.5, leading to remote &#8212; but low-privilege &#8212; authenticated attacks.&nbsp;<\/p>\n<h3><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2016-3976\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">CVE-2016-3976<\/a>: CVSS 7.5<\/h3>\n<p>Also found in SAP NetWeaver\/JAVA, this security flaw, patched in March 2016, permits remote attackers to read arbitrary files via directory traversal sequences, leading to information leaks and potentially privilege escalation if they are able to access the right resources.<\/p>\n<h3><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-5326\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">CVE-2010-5326<\/a>: CVSS 10<\/h3>\n<p>A critical vulnerability caused by an authentication failure in the Invoker Servlet within SAP NetWeaver Application Server\/JAVA platforms. The security flaw allows attackers to gain full control of SAP business processes. In 2016, the US Department of Homeland Security (DHS) <a href=\"https:\/\/us-cert.cisa.gov\/ncas\/alerts\/TA16-132A\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">issued an alert<\/a> on the active exploit of this bug, which continues to this day.&nbsp;<\/p>\n<p>In addition, the report says that the window for patching is &#8220;significantly smaller than previously thought,&#8221; with some SAP vulnerabilities becoming weaponized in less than 72 hours after public disclosure.&nbsp; <\/p>\n<p>&#8220;Observed exploitation could lead in many cases to full control of the unsecured SAP application, bypassing common security and compliance controls, and enabling attackers to steal sensitive information, perform financial fraud or disrupt mission-critical business processes by deploying ransomware or stopping operations,&#8221; the companies say. &#8220;These threats may also have regulatory compliance implications for organizations that have not properly secured their SAP applications processing regulated data.&#8221; <\/p>\n<p>CISA has also <a href=\"https:\/\/us-cert.cisa.gov\/ncas\/current-activity\/2021\/04\/06\/malicious-cyber-activity-targeting-critical-sap-applications\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">issued an alert<\/a> on these activities.&nbsp;<\/p>\n<h3> Previous and related coverage <\/h3>\n<hr>\n<p><strong>Have a tip?<\/strong> Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0 <\/p>\n<hr>\n<p> READ MORE <a href=\"https:\/\/www.zdnet.com\/article\/sap-issues-advisory-on-vulnerable-applications-being-widely-targeted-by-hackers\/#ftag=RSSbaffb68\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>New research also reveals that SAP vulnerabilities, on average, are weaponized in less than 72 hours.<br \/>\nREAD MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":40320,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-40319","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-zdnet-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-04-06T13:12:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/04\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications.png\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"578\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications\",\"datePublished\":\"2021-04-06T13:12:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\\\/\"},\"wordCount\":625,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications.png\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\\\/\",\"name\":\"SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications.png\",\"datePublished\":\"2021-04-06T13:12:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications.png\",\"width\":770,\"height\":578},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/","og_locale":"en_US","og_type":"article","og_title":"SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-04-06T13:12:00+00:00","og_image":[{"width":770,"height":578,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/04\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications","datePublished":"2021-04-06T13:12:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/"},"wordCount":625,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/04\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications.png","articleSection":["ZDNet | Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/","url":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/","name":"SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/04\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications.png","datePublished":"2021-04-06T13:12:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/04\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/04\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications.png","width":770,"height":578},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/sap-issues-advisory-on-the-exploit-of-old-vulnerabilities-to-target-enterprise-applications\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40319","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=40319"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40319\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/40320"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=40319"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=40319"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=40319"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}