Some old SAP systems have default kernel user accounts. Guess what happened next?

  • 29 March 2016
  • 1 reply
  • 159 views


Infosec bloke pokes hornet's nest with stick; patch ASAP

By John Leyden, 29 Mar 2016 at 11:42
Security researchers were able to access default SAP accounts on enterprise systems worldwide by using default passwords.
The security snafu meant that SAP systems worldwide were potentially vulnerable to data theft, business process disruption and fraud, specialist security outfit ERP-SEC warned.
Joris van de Vis, researcher at ERP-SEC, demonstrated full compromises of the SAP Solution Manager and connected systems via three of these default accounts during a presentation at the recent Troopers Security Conference.
The issue only affects users of older versions of SAP’s enterprise software. Van de Vis's research identifies some "very high risk" default accounts in affected installations, including one noted as a "hardcoded kernel user".
“The precise percentage of affected customers is unclear, but a quick check under some of our customers shows at least 50 per cent of them have one or more of these default users with a default password in their systems,” van de Vis explained. “This only affects long-time SAP customers as new installations are not affected.”
 
Full article here:

1 reply

Not surprised, as ERP systems have largely been ignored by the miscreants in the past...but I fear not anymore, or not for very much longer...and this is an area that the ERP manufacturers will be well advised to look to deal with rather than relying on the defense of the corporate firewall/HIPs.
