SAP point-of-sale systems were totally hackable with $25 kit

https://regmedia.co.uk/2015/07/17/pos_8976865.jpg?x=442&y=293&crop=1

Point-of-Sale systems from SAP had a vulnerability that allowed them to be hacked using a $25 Raspberry Pi or similar device, according to research unveiled at the Hack in the Box conference in Singapore last week.

Critical vulnerabilities in SAP's POS – since resolved – created a means for hackers not only to steal customers' card data but to gain unfettered control over the server, enabling them to change prices of goods with the help of a simple device, according to ERPScan.

SAP developed a patch after being alerted to the problem by ERPScan in April, allowing the enterprise app security specialists to go public with their discovery last week.