Severity High Analysis Summary Sidewinder is a suspected Indian threat actor group that has been active since 2012. They have observed attacking political, military, and corporate […]

Severity High Analysis Summary CVE-2022-41264 SAP BASIS could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unrestricted scope of […]

Severity Medium Analysis Summary The malware loader, Bumblebee, is used to download Cobalt Strike and perhaps other malware such as ransomware. It also replaces the BazarLoader […]

Severity Medium Analysis Summary CVE-2022-41274 SAP Disclosure Management could allow a remote attacker to obtain sensitive information, caused by improper authorization validation. By sending a specially-crafted […]

Severity High Analysis Summary CVE-2022-41266  SAP Commerce Webservices is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this […]

Severity Medium Analysis Summary CVE-2022-41273 SAP Sourcing and Contract Lifecycle Management could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. […]

Severity High Analysis Summary CVE-2022-41272 CVSS:9.9 SAP NetWeaver Process Integration could allow a remote attacker to bypass security restrictions, caused by improper access control. By sending […]

Severity High Analysis Summary Shuckworm APT – aka Actinium, Armageddon, Primitive Bear, Gamaredon, and Trident Ursa – is a Russia-backed advanced persistent threat (APT) that has […]

Severity Medium Analysis Summary CVE-2022-41275 CVSS:6.1 SAP Solution Manager could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker […]