Skip to main content

SAP Patches High-Risk Flaws in SAP POS, Host Agent

posted onJuly 14, 2017
by l33tdawg

L33tdawg: Check out the demo live at #HITBGSEC next month :)

SAP fixed 23 vulnerabilities across roughly a dozen products on Tuesday, including a series of high-risk flaws that could allow an attacker to gain access to SAP POS, the company’s client/server point-of-sale (PoS) solution.

The issues in SAP POS, a series of missing authorization checks, could let an attacker access a service without authorization, according to ERPScan, a firm that specializes in SAP and Oracle security. The solution runs parallel to the company’s retail solution portfolio and is used by 80 percent of retailers in Forbes Global 2000, according to ERPScan. The vulnerabilities, which technically exist in the SAP solution’s Retail Xpress Server, could lead to information disclosure, privilege escalation and other attacks.



Security Industry News HITB HITBGSEC

Recent News

Tuesday, November 14th

Sunday, November 12th

Friday, November 10th

Wednesday, November 8th

Monday, November 6th