Skip to content

🚨 Latest SAP Security Updates – November 2023: What You Need to Know

In November 2023, SAP released six new and updated security notes, including two HotNews notes and four rated medium priority. Here are the key points worth noting: 1. Critical update for CommonCryptoLib: SAP Security Note #3340576,...

In November 2023, SAP released six new and updated security notes, including two HotNews notes and four rated medium priority. Here are the key points worth noting:

  1. Critical update for CommonCryptoLib: SAP Security Note #3340576, rated 9.8 on the CVSS scale, addresses a critical missing authorisation check in SAP CommonCryptoLib. This vulnerability could lead to a complete compromise of the affected application. The update to this note contains minor textual changes that are important for SAP HANA Database 2.0 customers.

  2. New threats for SAP Business One: A new HotNews note, SAP Security Note #3355658 with a CVSS score of 9.6, addresses improper access control during the installation of SAP Business One.

🔍 Summary and actions: Although November’s SAP Security Patch Day was relatively quiet, the updates - particularly those relating to SAP CommonCryptoLib and Business One - require a prompt response and remediation.

💬 Worth discussing: What has been your experience deploying these security updates? Are your SAP systems already protected against these newly discovered vulnerabilities?

Tematy: Other sap-security SAP S/4HANA SAP HANA

Get in touch