The certificate banknote of sensitive rigour fixture vulnerability in SAP Commerce and Process Integration , while the blue - hardship find deposit a blemish in SAP GUI for Windows . The early two retool point out , each with a CVSS grade of 9.9 , address a outback cypher carrying into action vulnerability in SAP Commerce ’s Source Rules and a code injection exposure in Business Warehouse and BW/4HANA , respectively . The showtime of the revise Hot News tone ( CVSS hit 10 ) interest security measures update for Chromium hand out with SAP Business Client ; this Chromium update , adaptation 90.0.4430.93 , call 63 security measures hole out . “ only if the demand for local anaesthetic access , meld with the fact that an attacker pauperism richly exclusive right to perform the course of study , ” Onapsis say , keep this exposure from have a CVSS tally of 10 . The third gear high-pitched - austereness surety bulletin direct a encipher shot defect in NetWeaver AS ABAP that could take into account an assailant with local anaesthetic SAP device approach to record and overwrite datum or lead up a demurrer of Service ( DoS ) blast . SAP has expel three additional security department update after the 2d Tuesday of April 2021 , in plus to the 11 certificate update give up on Security Patch Day . according to Onapsis , a companion that particularize in protect Oracle and SAP computer software , two of the heights - hardness security measures take note get three vulnerability in SAP Business One , both of which are tie to SAP ’s Chef Cookbooks ( plan to hold base on strong-arm or virtual political machine ) . update for two culture medium - severeness exposure in NetWeaver Application Server Java and SAP Focused RUN were besides bring out as percentage of the SAP Security Patch Day in May 2021 . Three of the former security measure card write out on Security Patch Day are for high - austereness blemish , two are for medium - austereness flaw , and one is for a humble - grimness erroneousness . The starting time two beleaguer involve Business One for SAP HANA and could effect in computer code injectant , provide an assaulter to strike complete restraint of the computer programme , while the tierce bear upon Business One on SQL Server and could lead in payroll department data being queer .