Communications of the ACM

Home/News/Black Hat: How Hackers Gain Root Access to SAP Enterprise.../Full Text

ACM TechNews

Black Hat: How Hackers Gain Root Access to SAP Enterprise Servers Through SolMan

August 13, 2020
Comments

View as: Print Mobile App Share:

Cybersecurity researchers at the Black Hat USA 2020 conferences found that attackers could exploit vulnerabilities in SAP Solution Manager to gain root access to enterprise servers.

Credit: Black Hat USA 2020

At the Black Hat USA 2020 conferences, cybersecurity researchers from Boston-based Onapsis detailed how attackers could exploit vulnerabilities in SAP Solution Manager (SolMan) to gain root access to enterprise servers.

SolMan, comparable to Windows Active Directory, links software agents on SAP servers via the SAP Solution Manager Diagnostic Agent (SMDAgent). Left unpatched, these vulnerabilities could have major ramifications, given that about 87% of the Global 2000 uses SAP in some fashion.

The researchers found that a remote code execution vulnerability could enable unauthenticated attackers to compromise all SMDAgents connected to SolMan.

Other vulnerabilities could allow attackers who obtained administrator privileges to abuse the operation framework to gain root-level privileges, and enable privilege escalation when attackers possess admin_group privileges.

Were these vulnerabilities chained, remote attackers could execute files, including malicious payloads, as root users.

SAP has released fixes for these vulnerabilities.

From ZDNet
View Full Article

No entries found

Black Hat: How Hackers Gain Root Access to SAP Enterprise Servers Through SolMan

Bitcoin ETFs Have Arrived. Here's Who Stands to Get Rich

Undergraduate Computer Science Curricula

'On Expert Testimony': A Response