Skip to main content

Flaw in PricewaterhouseCoopers software can allow hackers to manipulate accounting results

posted onDecember 12, 2016
by l33tdawg

A critical flaw in a security tool built for SAP systems by PricewaterhouseCoopers can allow hackers to manipulate accounting and financial details of clients a latest research has claimed.

German security firm ESNC has found that the Automated Controls Evaluator (ACE), which extracts security and configuration data from an SAP system and generates exception reports by review has a high-risk flaw in its software.

"This security vulnerability may allow an attacker to manipulate accounting documents and financial results, bypass change management controls, and bypass segregation of duties restrictions," ESNC said in an advisory. The research goes on to state that if the flaw is exploited it could result in fraud, theft or manipulation of sensitive data including customer master data and HR payroll information, unauthorised payments and more.

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Simplenews subscription

Stay informed - subscribe to our newsletter.
The subscriber's email address.
Keeping Knowledge Free for Over a Decade

Copyright © 2018 Hack In The Box. All rights reserved.

36th Floor, Menara Maxis, Kuala Lumpur City Centre 50088 Kuala Lumpur Malaysia
Tel: +603-2615-7299 Fax: +603-2615-0088