Internal Server Error - Exploiting Inter-Process Communication in SAP's HTTP Server

Black Hat via YouTube

Overview

Explore a critical cybersecurity presentation from Black Hat that delves into exploiting inter-process communication vulnerabilities in SAP's HTTP server. Learn about two significant memory corruption vulnerabilities (CVE-2022-22536 and CVE-2022-22532) affecting SAP's Internet Communication Manager (ICM), which could potentially compromise any SAP installation worldwide. Discover the architecture of ICM, understand memory pipes and internal handlers, and witness a demonstration of how these vulnerabilities can be exploited. Gain insights into SAP's response to these issues and the broader implications for organizations relying on SAP software. This 39-minute talk by Martin Doyhenard offers valuable knowledge for cybersecurity professionals, SAP administrators, and anyone interested in understanding the complexities of securing enterprise software systems.

Syllabus

Introduction
Internet Communication Manager (ICM)
ICM Architecture
Memory Pipes
Internal handlers
Example of using internal handlers
First vulnerability
Example
ICM Features
ICM Example
Steps to reproduce
MPI Buffers
Demo
Modifying the response
SAP's response
Conclusions

Taught by

Black Hat
