A critical vulnerability in the SAP NetWeaver Application Server (AS) Java, specifically in the LM Configuration Wizard, can allow unauthenticated attackers to take control of trusted SAP applications. Immediate patches are advised by CISA and SAP, especially for internet-facing systems. Organizations unable to patch promptly should disable the LM Configuration Wizard service and monitor for any unusual activity.
© 2024. All rights reserved.
0