Rewterz Threat Advisory – SAP Netweaver AS ABAP cross-site scripting

Rewterz Threat Alert – TA505 Active IoCs

September 14, 2020

Malware Analysis – Ursnif Trojan

September 14, 2020

Rewterz Threat Advisory – SAP Netweaver AS ABAP cross-site scripting

Severity

Medium

Analysis Summary

CVE-2020-6324

SAP Netweaver AS ABAP is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

Impact

Cross-site scripting

Affected Vendors

SAP

Affected Products

SAP NetWeaver AS ABAP 700
SAP NetWeaver AS ABAP 701
SAP NetWeaver AS ABAP 702
SAP NetWeaver AS ABAP 730
SAP NetWeaver AS ABAP 731
SAP NetWeaver AS ABAP 740
SAP NetWeaver AS ABAP 750
SAP NetWeaver AS ABAP 751
SAP NetWeaver AS ABAP 752
SAP NetWeaver AS ABAP 753
SAP NetWeaver AS ABAP 754
SAP NetWeaver AS ABAP 755

Remediation

Current SAP customers should refer to SAP note 2948239 for patch information.

Rewterz Threat Alert – TA505 Active IoCs

Malware Analysis – Ursnif Trojan

Rewterz Threat Advisory – SAP Netweaver AS ABAP cross-site scripting

Severity

Analysis Summary

CVE-2020-6324

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan