SAP this week released its April 2017 set of patches. The most important of the 15 security notes resolves a Very High priority (Hot News) vulnerability in TREX / BWA that could allow an attacker to execute commands on the affected system.
Article Link: http://feedproxy.google.com/~r/Securityweek/~3/tbPqUvyr8e0/sap-patches-critical-code-injection-flaw-trex