VULNERABILITY UPDATE: CISA Has Issued Alert for Critical SAP Vulnerabilities

This week, SAP released security updates to address three critical vulnerabilities dubbed Internet Communication Manager Advanced Desync (ICMAD), and found by security research firm Onapsis: CVE-2022-22536, CVE-2022-22532, and CVE-2022-22533, sporting CVSS scores of 10 (the highest possible), 8.1, and 7.5, respectively. 

Over on the blog, leading AX researcher @Peter-Automox has written a piece with some great details and remediation tips, which you can read in full right here. If you have any questions, let us know in the comments.