SAP’s patch update for this month included a fix for a critical remote code execution vulnerability in the SAP GUI client that provides remote access to a central SAP server in a corporate network.
Researchers at ERPScan, a Dutch company specializing in business application security, disclosed some details and a proof-of-concept exploit of the vulnerability, CVE-2017-6950, today during the Troopers security conference in Germany.
Leave a reply