SAP HMAC Credential Replay Attack Vulnerability Allowing Complete System Compromise
Vulnerability
A vulnerability exists that allows an unauthenticated attacker to mount a replay attack using a Hashed Message Authentication Code (HMAC) credential. A credential extracted from one system can be reused against a different system, potentially leading to a complete compromise of that system, including its confidentiality, integrity, and availability. The vulnerability arises when the HMAC credential has been extracted from a system that is missing specific security updates, even though the target system itself is fully patched.
Impact
Exploitation of this vulnerability could result in a complete compromise of the target system, affecting its confidentiality, integrity, and availability.
Remediation
Users are advised to review and implement the latest SAP Security Notes. SAP Security Patch Day occurs on the second Tuesday of every month, when SAP publishes important security updates. Access the SAP Security Notes through the SAP for Me platform.
