Newsflash: +++ Hackers Stole Over 6.42 Million SHEIN Customers' Data +++ SAP Customer British Airways hacked: Hackers steal financial data in BA website attack +++ The same hacker group who breached Ticketmasters were behind the British Airways attack, using DIGITAL SKIMMING +++

Milky Blog

know what’s going on out there about SAP®

  • Blog
  • Read Our Rules

50.000 SAP® at risk by known vulnerabilities

By Hendrik Jansen  - May 9, 2019
The story about 50.000 SAP® customers being at risk because of old and known vulnerabilities. Did the story go viral? 

Viral? no not really in that sense, but the story definitely got picked by a lot of media and news sites, blog fora etc. And for very good reasons.

The 10KBLAZE story refers to penetration risks for SAP® customers, and talks about the vulnerabilities that could cause such exploits. The mentioned vulnerabilities are indeed known for a long time (years) so to that extent ... nothing new.

What is surprising is that companies simply don't seem to get it and probably all for different reasons (no time, did not know, too complex, costs, attention, focus, lack of management sponsorship, lack of awareness).

What is beyond surprise is the fact that once companies know and understand how such risks can be easily mitigated, they don't seem to care. Wow .... let's think about that for a second. International and large corporations who have invested millions, and often double digit millions in one of the most strategic applications (SAP®) on the planet, running their entire business, containing ALL their critical data, .......... yes we know (or now we know) and you cannot be bothered to do something about it? Or you accept someone saying "that is not in the budget!"

Ask yourself if your (next) SAP® breach is in the budget, ask yourself if these SAP® systems untouchable, ask yourself what would happen if .....

And if you have seen the man in the middle (MITM) attack, how easy it is to exploit SAP® systems with insufficient or insecure configurations, that (next) breach could be lot closer than you think, and definitely more costly than you think. Do want to see a man in the middle attack? Let us know.



If you think SAP® system hardening is complex, that is where our experts come in.

If you think it is very time consuming, let us show you a way in which it is is not.

If you think it very costly, let us surprise you, ask for a quotation. 

Do you want high security levels, little to no effort, acceptable costs?


Securing your most important and critical assets - your SAP® systems



Enroll and receive updates!

Popular posts

We take privacy seriously! This is what happens to your data:

  • Data from forms and website-tracking can be saved for analysis.
  • Data can be evaluated for optimizing the website. This enables us to better understand what our visitors are interested in. We primarily use Hubspot for this tracking. You can find more information on this in our privacy policy linked at the bottom.
  • We do not share your data with third parties. In the context of events in which you want to participate it might be necessary to submit your data to contractors.
  • You have the right to have your personal data corrected, deleted or transfered to you at any time.
  • You can withdraw your consent to any sort of communication with us at any time.

More details about what we do and don't do with your personal data can be found in our privacy policy, or you can directly contact me by e-mail!

Felix Möckel
Data Protection Officer