SAP Application Vulnerabilities Targeted by Hackers SAP and Onapsis Strongly Advise Organizations to Take Immediate Action. LAST UPDATED ON APRIL 7, 2021 QUICK READ On April 6 th, the Cybersecurity & Infrastructure Security Agency (CISA) and SAP released an alert warning that SAP systems running outdated or misconfigured software are exposed to increased risks of malicious attacks. Threat actors are carrying out a series of attacks, including theft of sensitive data, financial fraud, disruption of mission-critical business processes and other operational disruptions, and delivery of ransomware and malware. According to Onapsis’ threat report, SAP applications are widely deployed and used for mission-critical operations worldwide by organizations in essential industries such as food distribution, medical device manufacturing, pharmaceuticals, critical infrastructure, government and defense, and more.