Skip links
Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

RedRays at Black Hat MEA 2023

đź”’ “FROM ON-PREMISES TO CLOUD: A COMPREHENSIVE ANALYSIS OF SAP SECURITY ISSUES” đź”’

đź“… 17:40, Wed, Nov 15
đź“Ť Briefing Stage 4

At the Black Hat MEA conference, our team, including top experts, is set to take the stage. We invite you to join us and delve into the world of SAP security, where we will discuss the risks and threats associated with this system.

📢 In this session, we will explore the security vulnerabilities within the SAP system and the potential risks they pose to companies. The SAP system consists of various components, including SAP HANA, SAP Solman, SAP Cloud Connector, and SAP ME, which are customized to meet the specific requirements of each organization. While some companies utilize SAP’s cloud solutions alongside on-premise solutions, any vulnerabilities or misconfigurations within these components can jeopardize the entire SAP system. We will also delve into two distinct attack vectors that can be exploited to compromise the system’s security.

At the event, the attendees will get an opportunity to listen to the RedRays Lead Security Researcher, Vahagn Vardanian, who will share the findings of the investigation conducted by the RedRays Research and Development Center on the vulnerabilities of the SAP enterprise software.
During the presentation the Proof of Concepts of the following vulnerabilities CVE-2023-0012, CVE-2022-39802, CVE-2021-21480 discovered by our team will be published and other issues such as MS Defender Bypass, Decrypt SAP SSFS, and some SAP Misconfigurations will be discussed.
The vulnerabilities have been reported to SAP and have already been fixed.

🔍 What have we done? Our experts have conducted a thorough analysis of SAP vulnerabilities and will share the results of our research at this conference. You will learn about two unique attack vectors that can pose a threat to SAP system security.

Join us at Black Hat MEA and discover more about securing your company in the world of SAP. Our presentation will be a highlight of the conference, and we look forward to seeing you there!

Explore More

RedRays AI for ABAP Code Security

Empowering Secure, Efficient, and Compliant SAP ABAP Development—in Real Time and Without Data Retention In today’s rapidly evolving business landscape, organizations increasingly

Special offer for SAP Security Udemy course!

$ 9.99

Join “SAP Security Core Concepts and Security Administration” which is part of the Blackhat course series.Â