Point-of Sale vulnerabilities and even real data breaches make headlines on the regular basis. It come as no surprise as these systems are a treasure trove of payment card data. ERPScan’s researchers will deliver their presentation to demonstrate that SAP POS is not immune to cybersecurity issues.

Read more


SAP software is in use at 80 percent of retailers in Forbes Global 2000. The company’s retail portfolio includes SAP POS, the vendor’s client/server point-of-sale solution. ERPScan researchers identified several vulnerabilities in the solution, which could lead to information disclosure, privilege escalation and other attacks. If exploited, a malicious person could read, write, or delete files stored on the server, shut down the application, or monitor content of the receipt window of a victim PoS system remotely without authentication. Attend the Get to the Money: Hacking POS and POP Systems presentation to learn:

  • Ways an attacker use to get access to Point of Sale (POS) or Point of Purchase (POP) systems
  • An attack vector against SAP POS ending with accessing critical credit card data.

HITBSecConf is an annual must-attend event in the calendars of security researchers and professionals around the world. Held annually in Kuala Lumpur, Malaysia, and the Netherlands, HITBSecConf is a platform for the discussion and dissemination of next generation computer security issues. The two-day multi-track conference features cutting-edge hardcore technical talks delivered by the most respected names in the computer security industry. HITBSecConf is a place where ideas are exchanged, talent discovered and genius celebrated.


Dmitry Chastuhin
Lead SAP Security Analyst
Vladimir Egorov
Security Researcher
Read more