Rewterz Threat Update – Nation-State APT Groups Weaponize Artificial Intelligence and Large Language Modules for Cyber Attacks
February 16, 2024Rewterz Threat Alert – Chinese APT Leverages Deepfakes to Propagate Mobile Banking Gold Pickaxe Malware – Active IOCs
February 16, 2024Rewterz Threat Update – Nation-State APT Groups Weaponize Artificial Intelligence and Large Language Modules for Cyber Attacks
February 16, 2024Rewterz Threat Alert – Chinese APT Leverages Deepfakes to Propagate Mobile Banking Gold Pickaxe Malware – Active IOCs
February 16, 2024Severity
Medium
Analysis Summary
CVE-2024-21734 CVSS: 4.4
SAP Marketing could allow a remote authenticated attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially crafted URL to redirect a victim to arbitrary Web sites.
CVE-2024-21735 CVSS: 7.3
SAP LT Replication Server could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper authorization validation. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2024-21736 CVSS: 6.4
SAP S/4HANA Finance could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to create in-house bank accounts.
CVE-2024-21738 CVSS: 4.1
SAP NetWeaver ABAP Application Server and ABAP Platform is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2024-22124 CVSS: 4.1
SAP NetWeaver could allow a local authenticated attacker to obtain sensitive information, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2024-22125 CVSS: 7.4
SAP Microsoft Edge browser extension could allow a remote attacker to obtain sensitive information, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2024-21737 CVSS: 7.6
SAP Application Interface Framework could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a code injection flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2024-22129 CVSS: 5.4
SAP Companion is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2024-25642 CVSS: 7.4
SAP is vulnerable to a man-in-the-middle attack, caused by improper validation of certificate . An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system.
CVE-2024-22132 CVSS: 7.4
SAP IDES Systems could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a command injection flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Privilege Escalation
- Security Bypass
- Cross-Site Scripting
- Information Disclosure
- Code Execution
- Gain Access
Indicators Of Compromise
CVE
- CVE-2024-20726
- CVE-2024-20727
- CVE-2024-20728
- CVE-2024-20729
- CVE-2024-20730
- CVE-2024-20731
Affected Vendors
SAP
Affected Products
- SAP Cloud Connector 2.0
- SAP Marketing 160
- SAP LT Replication Server S4CORE 103
- SAP LT Replication Server S4CORE 104
- SAP LT Replication Server S4CORE 105
- SAP LT Replication Server S4CORE 106
- SAP LT Replication Server S4CORE 107
- SAP LT Replication Server S4CORE 108
- SAP S/4HANA Finance SAPSCORE 128
- SAP S/4HANA Finance S4CORE 10
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 700
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 701
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 702
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 731
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 740
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 750
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 751
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 752
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 753
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 754
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 755
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 756
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 757
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 758
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 793
- SAP NetWeaver ABAP Application Server and ABAP Platform SAP_BASIS 794
- SAP NetWeaver KRNL64NUC 7.22
- SAP NetWeaver KRNL64NUC 7.22EXT
- SAP NetWeaver KRNL64UC 7.22
- SAP NetWeaver KRNL64UC 7.22EXT
- SAP NetWeaver KRNL64UC 7.53
- SAP NetWeaver KERNEL 7.22
- SAP NetWeaver KERNEL 7.53
- SAP NetWeaver WEBDISP 7.22
- SAP NetWeaver WEBDISP 7.53
- SAP NetWeaver WEBDISP 7.54
- SAP Microsoft Edge browser extension 1.0
- SAP Application Interface Framework 702
- SAP Companion 3.1
- SAP IDES Systems
Remediation
Current SAP customers should refer to SAP Security Document for patch information, available from the SAP Website (login required).