Security researchers have found nearly two dozen vulnerabilities in the widely used German business software SAP that could give attackers control of company financials, resource management and other operations.
Boston-based Onapsis, a security company that tests for holes in SAP and Oracle enterprise software and reports them to the companies so they can release patches, said Monday that 21 security problems in SAP systems could allow criminals to steal, modify or delete business information relating to financials, resources or other operations, or shut down platforms. About 87% of Forbes Global 2000 companies use SAP, according to the software provider’s website. SAP says it has issued updates that resolve the security problems.