Trustwave, the cybersecurity firm, has recently exposed the details of several vulnerabilities in the SAP Adaptive Server Enterprise (ASE). SAP ASE is a relational DBMS that many banks and financial organizations use.
Researchers have analyzed the details of SAP ASE and identified around six vulnerabilities. Among them, most are of high or critical severity rating. As per the company, the security holes can allow unprivileged attackers to get complete control of the database and then the underlying operating system (OS).
They can also carry out arbitrary code with LocalSystem permissions within the Windows systems. The security flaws have been tracked as CVE-2020-6248 and CVE-2020-625.
Source: SecurityWeek