Skip to main content

SAP Releases April 2023 Security Updates

Scheduled security updates address vulnerabilities affecting multiple products

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled security updates address vulnerabilities affecting multiple products


The following platforms are also known to be affected:

  • SAP Diagnostics Agent
  • SAP GUI for HTML
  • SAP Customer Relationship Manager (CRM)
  • SAP Web Dispatcher and Internet Communication Manager
  • SAP Commerce
  • SAP Application Interface Framework

Threat details

Introduction

SAP has released security updates to address multiple vulnerabilities, which are covered in nineteen new security notes and five updates to previous notes. Five of these vulnerabilities are rated as critical and one vulnerability is rated as high. An attacker could exploit some of these vulnerabilities to perform remote code execution, cross site scripting (XSS), denial-of-service, or other malicious activity.


Remediation advice

Affected organisations are encouraged to review the SAP Security Notes for April 2023 and apply the necessary updates.



CVE Vulnerabilities

Last edited: 11 April 2023 1:28 pm