SAP Critical Vulnerability Exposes Systems to Complete Takeover - 202… (

#738) * SAP Critical Vulnerability Exposes Systems to Complete Takeover - 20240516003 * Format markdown docs --------- Co-authored-by: petarpetrovski <petarpetrovski@users.noreply.github.com>
wagov · May 16, 2024 · 8fc97b4 · 8fc97b4
1 parent 51c5049
commit 8fc97b4
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/.../20240516003-SAP-Critical-Vulnerability-Exposes-Systems-to-Complete-Takeover.md b/.../20240516003-SAP-Critical-Vulnerability-Exposes-Systems-to-Complete-Takeover.md
@@ -0,0 +1,25 @@
+# SAP Critical Vulnerability Exposes Systems to Complete Takeover - 20240516003
+
+## Overview
+
+The WA SOC has been made aware of a critical vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform. This vulnerability allows an unauthenticated attacker to upload a malicious file to the server, potentially leading to complete system compromise when accessed by a victim.
+
+## What is vulnerable?
+
+| CVE                                                          | Severity     | CVSS | Product(s) Affected                                                                             | Summary                                                                                                                                                     | Dated      |
+| ------------------------------------------------------------ | ------------ | ---- | ----------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------- |
+| [CVE-2024-33006](https://www.tenable.com/cve/CVE-2024-33006) | **Critical** | 9.6  | **SAP_BASIS versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, and 758** | An unauthenticated attacker can upload a malicious file to the server which when accessed by a victim can allow an attacker to completely compromise system | 14/05/2024 |
+
+## What has been observed?
+
+There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month...* (refer [Patch Management](../guidelines/patch-management.md)):
+
+- https://support.sap.com/en/my-support/knowledge-base/security-notes-news/may-2024.html
+
+## Additional References
+
+- N/A