[ERPSCAN-11-014] SAP GUI (SAPGUI) — DLL hijacking

Application: SAP GUI
Versions Affected: 6.4 — 7.2
Vendor URL: http://www.sap.com
Bugs: DLL hijacking
Exploits: YES
Reported: 24.08.2010
Vendor response: 26.08.2010
Date of Public Advisory: 09.03.2011
CVE-number:
Author: Alexey Sintsov, Alexandr Polyakov

Description
SAP Front End applications (SAPGui.exe) are vulnerable to DLL hijacking attacks. This makes remote code execution possible.

Business Risk
An attacker can put a malicious file in a shared folder or on an internet site and send the user a link to an SAP shortcut. When the victim tries to open shortcuts in this folder, the SAP Frontend application will execute malicious code on the victim's workstation, giving the attacker full access to the workstation.
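
A defender-side check for the scenario above, as an added example that is not part of the original advisory: it walks a share and reports every directory where an SAP shortcut sits beside a DLL. The `.sap` shortcut extension, the function names and the sample tree are assumptions of this example; the advisory does not name the hijacked DLL, so any DLL is flagged.

```python
import os
import tempfile
from pathlib import Path

# Assumption: SAP GUI shortcut files use the .sap extension.
SHORTCUT_EXTS = {".sap"}
LIBRARY_EXTS = {".dll"}


def find_colocated_libraries(root):
    """Return {directory: {"shortcuts": [...], "libraries": [...]}} for every
    directory under root that holds both a shortcut and a DLL."""
    findings = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        shortcuts, libraries = [], []
        for name in filenames:
            ext = Path(name).suffix.lower()  # Windows names are case-insensitive
            if ext in SHORTCUT_EXTS:
                shortcuts.append(name)
            elif ext in LIBRARY_EXTS:
                libraries.append(name)
        if shortcuts and libraries:
            findings[dirpath] = {
                "shortcuts": sorted(shortcuts),
                "libraries": sorted(libraries),
            }
    return findings


def build_sample_tree(base):
    """Constructed sample share: one suspicious folder, two benign ones."""
    layout = {
        "invoices": ["Q3.SAP", "helper.DLL"],   # shortcut next to a DLL
        "reports": ["prod.sap", "readme.txt"],  # shortcut only
        "tools": ["utility.dll"],               # DLL only
    }
    for folder, names in layout.items():
        d = Path(base, folder)
        d.mkdir(parents=True)
        for name in names:
            (d / name).write_bytes(b"")
    return base


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for folder, hit in find_colocated_libraries(build_sample_tree(tmp)).items():
            print(folder, hit)
```

A hit is a lead for review, not proof of compromise: legitimate software folders can also contain both file types.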