Configuration errors and other missteps undermine the security of enterprise SAP environments. The sheer complexity of these environments has left them rife with security vulnerabilities. The issue came into sharp focus earlier this year with the public release of a set of exploits targeting well-known configuration errors in two major SAP components. The exploits, collectively dubbed 10KBlaze, gave attackers a way to gain complete remote administrative control of SAP environments, and prompted an advisory from the US-CERT. The most common security failures are misconfigured ACLs and weak user access controls.”]
Source: https://www.csoonline.com/article/3404470/top-8-security-mistakes-in-sap-environments.html