Skip to Content

Report a Possible Security Vulnerability to SAP

SAP takes all matters relating to our customers’ security very seriously, and we are constantly working on improving our product security measures. If you discover a potential security vulnerability in any SAP Software:

  • SAP Customers:  If you discover a potential security vulnerability within your SAP systems not covered by a published security note, please report this by creating a customer incident at https://support.sap.com/incident
  • Security Researchers:  If you discover a potential security vulnerability within any SAP software, please send the related information to the  SAP Product Security Response Team at secure@sap.com, using the email template below with PGP for e-mail encryption. 
  • Send details as follows for us to better understand the nature and scope of the vulnerability: Vulnerability Category; Affected Product Version with SP and patch level; Necessary previous /post conditions; Vulnerability description with Proof of Concept or exploit code; Impact of the issue if exploited.

Click here to get the public PGP key
Learn more, disclosure guidelines
Email template for Security Researchers

Back to top