Skip to main content

SAP Releases February 2023 Security Updates

Scheduled security updates address vulnerabilities affecting multiple products

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled security updates address vulnerabilities affecting multiple products


Affected platforms

The following platforms are known to be affected:

The following platforms are also known to be affected:

  • SAP Host Agent Service
  • SAP Business Planning and Consolidation
  • SAP BusinessObjects Business Intelligence platform
  • SAP NetWeaver AS
  • SAP Customer Relationship Management (CRM)

Threat details

Introduction

SAP has released security updates to address multiple vulnerabilities, which are covered in seventeen new security notes and four updates to previous notes. Three of these vulnerabilities are rated High and involve issues such as privilege escalation, cross site scripting (XSS), and improper access control. An attacker could exploit some of these vulnerabilities to take control of an affected system.


Remediation advice

Affected organisations are encouraged to review the SAP Security Notes for February 2023 and apply the necessary updates.



Last edited: 15 February 2023 3:33 pm