Security Issue Management
Report a security issue
SAP is committed to identifying and addressing security issues that affect our software and cloud solutions. We are continuously working on improving our security processes. To report a potential security issue, choose from the options below.
SAP customers
Report a customer security issue to find a solution and get real-time support from an expert.
Product and website security vulnerabilities
Inform the SAP Product Security Response Team of a security vulnerability on any SAP product OR of a website security issue on an SAP owned domain by submitting a vulnerability form. Please fill out only one form.
Note: Include the following details in the report, as applicable, so that we can better analyze the nature and scope of the security issue: issue category, affected product version with support package and patch level, necessary pre- and post-conditions for the exploit to work, description with proof of concept or exploit code, and impact of the issue if exploited.
SAP Security Patch Day
Fix vulnerabilities discovered in SAP products
Review notes from our monthly SAP Security Patch Day to learn about vulnerabilities discovered in SAP products and apply patches to protect your SAP landscape.
Join us in acknowledging our security researchers
Learn about the security researchers who help us identify and solve security vulnerabilities, so we can help maintain the security and safety of our customers and partners.
Customer Access to Security Information
My Trust Center
Visit My Trust Center, an area within SAP Support Portal for SAP Trust Center that extends the public offering by granting access to SAP security policies, frameworks, sub-processors lists, and more. Available only to SAP customers and partners with a valid SAP user ID.
SAP Security Notes
The SAP for Me portal is the central access point for customers and partners providing detailed information about their product portfolios including a list of all security notes.