SAP addressed two critical vulnerabilities (Hot News) as part of the October 2019 Security Patch Day. The most severe SAP Security Note is #2826015, a Missing Authentication Check in AS2 Adapter of B2B Add-On for SAP NetWeaver Process Integration. The vulnerability, tracked as CVE-2019-0379, could be exploited by remote attackers to steal or manipulate sensitive data. SAP also addressed a Binary Planting vulnerability in several SAP software products, including Anywhere, SAP IQ and SAP Dynamic Tiering.”]
Source: https://securityaffairs.co/wordpress/92335/security/sap-october-2019-security-patch-day.html