PT-2021-21970 · SAP · SAP Business Client

Published: 2021-09-14 · Updated: 2025-01-03 · CVE-2021-38150

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: SAP Business Client versions 7.0, 7.70
Description: The issue allows an attacker to read sensitive data, such as credentials, from the local memory or memory dump of a victim, for example, through a social engineering attack. This could enable the attacker to compromise the corresponding backend for which the credentials are valid.
Recommendations: For SAP Business Client versions 7.0 and 7.70, update to a version that fixes this issue. As a temporary workaround, consider restricting access to sensitive data and implementing additional security measures to prevent social engineering attacks.

Fix

Weakness Enumeration: Cleartext Storage of Sensitive Information

Related Identifiers: CVE-2021-38150

Affected Products: SAP Business Client