SAP Patches Critical Vulnerabilities in NetWeaver, MII Products


German multinational software company SAP March 2021 Security Patch Day updates include nine new security notes, including two for critical vulnerabilities affecting the company’s Manufacturing Integration and Intelligence (MII) and NetWeaver Application Server (AS) products.

This month’s patches also include four updates to previously released Patch Day security notes, including updates for two notes rated Hot News with a CVSS score of 10. The most severe of the newly released security updates address a code injection vulnerability in SAP MII. The vulnerability – tracked as CVE-2021-21480 – features a CVSS score of 9.9.

To Read More: SecurityWeek