
Rewterz Threat Advisory – CVE-2022-41207 – SAP Biller Direct Vulnerability

Severity

High

Analysis Summary

CVE-2022-41207

SAP Biller Direct could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites.
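A defender-side check for the pattern described above, as an added example that is not part of the original advisory or SAP's code: it scans web access-log lines for query parameters whose value resolves to a host outside an allowlist. The log lines, path, parameter name and allowlisted host are constructed assumptions; the advisory does not name the affected endpoint or parameter.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Assumption: hosts this deployment may legitimately redirect to.
ALLOWED_HOSTS = {"billing.example.com"}
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def target_host(value):
    """Host a browser would navigate to for this parameter value, or None."""
    # Undo a second layer of percent-encoding; browsers read "\" as "/".
    v = unquote(value).strip().replace("\\", "/")
    if v.startswith("//"):          # scheme-relative URL
        v = "http:" + v
    try:
        parts = urlsplit(v)
    except ValueError:              # malformed authority, e.g. bad IPv6 literal
        return None
    if parts.scheme in ("http", "https") and parts.hostname:
        return parts.hostname.lower()   # userinfo ("trusted@host") is excluded
    return None

def external_redirect_params(request_url, allowed=ALLOWED_HOSTS):
    """Return (param, host) pairs whose value points outside the allowlist."""
    hits = []
    for name, value in parse_qsl(urlsplit(request_url).query, keep_blank_values=True):
        host = target_host(value)
        if host and host not in allowed:
            hits.append((name, host))
    return hits

def scan_access_log(lines, allowed=ALLOWED_HOSTS):
    """Yield (line_number, param, host) for each suspicious request."""
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if m:
            for name, host in external_redirect_params(m.group(1), allowed):
                yield n, name, host

# Constructed sample lines; the path and parameter name are hypothetical.
SAMPLE_LOG = [
    '198.51.100.4 - - [10/Nov/2022:09:12:01 +0000] "GET /app/start?next=%2Finvoices%2F42 HTTP/1.1" 302 0',
    '198.51.100.9 - - [10/Nov/2022:09:13:44 +0000] "GET /app/start?next=https%3A%2F%2Flogin.evil.example%2F HTTP/1.1" 302 0',
    '198.51.100.9 - - [10/Nov/2022:09:14:02 +0000] "GET /app/start?next=%2F%2Fevil.example HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print(hit)
```

Hits are leads for review rather than proof of exploitation, since some applications pass absolute URLs in parameters for legitimate reasons.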

Impact

Gain Access

Indicators Of Compromise

CVE

  • CVE-2022-41207

Affected Vendors

SAP

Affected Products

  • SAP Biller Direct 635
  • SAP Biller Direct 750

Remediation

Current SAP customers should refer to SAP Security Advisory for patch information, available from the SAP Web site (login required).

SAP Security Advisory