Memory Dump Vulnerability in SAP Business Client Versions 7.0 and 7.70: Exposing Sensitive Data and Credential Compromise
CVE-2021-38150 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the corresponding backend for which the credentials are valid.
Learn more about our Social Engineering.