Intrusion Prevention

SAP.GUI.Regsvr32.Rule.Security.Policy.Bypass

Description

This indicates an attack attempt to exploit a Security Bypass vulnerability in SAP GUI.
The vulnerability is due to an error when the vulnerable module handles a malicious response. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious server, allowing the attacker to execute arbitrary code within the context of the affected application.

Affected Products

SAP GUI 7.2 - 7.5

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version available from the website.
https://erpscan.com/advisories/erpscan-17-011-sap-gui-versions-remote-code-execution-bypasssecurity-policy/

CVE References

CVE-2017-6950