A software security expert had warned flaws in the design of SAP’s business management software can allow hackers to easily break into corporate computer systems via the Internet.
Alexander Polyakov, chief technology officer of software security firm ERPScan, unveiled the vulnerabilities at the Black Hat hacking conference in Las Vegas.
He said the flaws affect systems that corporate workers use to access their software systems over the Internet.
“SAP is aware of this vulnerability since we are working very closely with Alexander Polyakov on this issue,” a company spokeswoman said.
“SAP will deliver an appropriate patch to its customers on Tuesday, August 9.”
Polyakov was one of dozens of hacking experts to make presentations at the annual gathering, which is attended by security professionals.
He said he can set up a query using Google’s search engine that would identify systems vulnerable to attack.
In some cases, he said, he could set up fictional accounts to access those systems, granting those users wide access to secret corporate data, and could delete some valuable data by overwriting databases with “trash.”
