全球数十万企业使用的SAP GUI界面被曝存在安全缺陷，其Windows（CVE-2025-0055）和Java（CVE-2025-0056）版本的用户输入历史记录功能采用过时加密或完全不加密的方式存储敏感数据。Pathlock研究员Jonathan Stross与Fortinet的Julian Petersohn发现，该系统本地存储的用户名、身份证 ...

SAP SE today addressed two newly disclosed vulnerabilities in its SAP Graphical User Interface client applications following their discovery in coordinated research by Pathlock Inc. and Fortinet Inc.

SAP has patched a couple of vulnerabilities in its graphical user interface (SAP GUI) input history feature that give attackers a way to potentially access sensitive data stored locally on user ...

Two vulnerabilities in SAP’s Graphical User Interface (SAP GUI) input history feature have been disclosed, revealing weaknesses in how sensitive user data is stored locally. The issues, discovered by ...

Newly disclosed vulnerabilities in SAP GUI for Windows and Java store user data with outdated or no encryption, posing compliance and breach risks for enterprises. SAP GUI, a trusted interface for ...