Posted by Portcullis Advisories on Jul 13

Vulnerability title: Privilege Escalation In SAP ECC
CVE: CVE-2015-3621
Vendor: SAP
Product: ECC
Affected version: Unknown
Fixed version: Latest
Reported by: Tim Brown
Details:

It has been identified that binaries that are executed with elevated privileges (SetGID and SetUID programs) have been
compiled in manner that means they searched for libraries in insecure locations.

Further details at:…