Quote:Enterprise software giant SAP pushed out fixes for a critical-severity vulnerability in its real-time data monitoring software for manufacturing operations. If exploited, the flaw could allow an attacker to access SAP databases, infect end users with malware and modify network configurations.
The critical-bug fix was part of 18 security patches released by SAP addressing new vulnerabilities and updating previously released patches.
The two most critical fixes, which are newly released as part of the security update, included the vulnerability in SAP’s Manufacturing Integration and Intelligence (MII) application for synchronizing manufacturing operations, as well as one in SAP’s NetWeaver AS Java software stack.
“With 18 new and updated SAP Security Notes, SAP’s March Patch Day is slightly below the average amount of patches released in the first two months in 2021,” said researchers with Onapsis in a Wednesday analysis. “With SAP MII, SAP NetWeaver AS Java and SAP HANA, three different applications are affected this time by critical vulnerabilities (HotNews and High Priority).”
Read more: SAP Stomps Out Critical RCE Flaw in Manufacturing Software | Threatpost
![[-]](https://www.geeks.fyi/images/collapse.png)
