Skip to main content

SAP Patches High-Risk Flaws in SAP POS, Host Agent

posted onJuly 14, 2017
by l33tdawg

L33tdawg: Check out the demo live at #HITBGSEC next month :)

SAP fixed 23 vulnerabilities across roughly a dozen products on Tuesday, including a series of high-risk flaws that could allow an attacker to gain access to SAP POS, the company’s client/server point-of-sale (PoS) solution.

The issues in SAP POS, a series of missing authorization checks, could let an attacker access a service without authorization, according to ERPScan, a firm that specializes in SAP and Oracle security. The solution runs parallel to the company’s retail solution portfolio and is used by 80 percent of retailers in Forbes Global 2000, according to ERPScan. The vulnerabilities, which technically exist in the SAP solution’s Retail Xpress Server, could lead to information disclosure, privilege escalation and other attacks.



Security Industry News HITB HITBGSEC

You May Also Like

Recent News

Thursday, February 22nd

Wednesday, February 21st

Tuesday, February 20th

Monday, February 19th

Thursday, February 15th