
Critical vulnerability present in SAP Internet Communication Manager

A vulnerability has been identified in SAP Internet Communication Manager (ICM), a component of many SAP products, which may allow full system takeover. Affected organisations should apply the available security update.

Alert status
HIGH

Background / What has happened?

The ACSC is aware of a vulnerability (CVE-2022-22536) affecting SAP products that use certain versions of SAP Internet Communication Manager (ICM). These products include:

• SAP Web Dispatcher
• SAP Content Server
• SAP NetWeaver and ABAP Platform

Successful exploitation of this vulnerability could allow an unauthenticated malicious actor to impersonate users of a vulnerable SAP system. Exploitation could result in disrupted operations, data theft, fraud, ransomware or denial-of-service against critical systems.

Mitigation / How do I stay secure?

Australian organisations should review their networks for use of vulnerable instances of SAP and apply the vendor’s patches as a high priority.

Refer to the SAP Security Patch Day Advice for further information on impacted product versions. 

Assistance / Where can I go for help? 

The ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1.
 
