Stay on top of the latest media coverage, and company and product announcements from the leader in business-critical application security and compliance solutions.
SAP has fixed a critical vulnerability that affected more than 40,000 customers, identified in SAP NetWeaver AS JAVA (LM Configuration Wizard) versions, a key component of numerous solutions and products deployed in most SAP environments.
Attackers may be able to set up an SAP administrator account. This gives them full control over unpatched SAP applications. A wide range of SAP products are affected, such as S/4 HANA, SCM, CRM and Enterprise Portal.
RECON could allow an unauthenticated attacker to take control of SAP enterprise applications through the web interface.
The technological world faces the grave danger of the RECON bug which easily exposes different firms to the hacking world.
SAP has released the July 2020 Patch, fixing 15 vulnerabilities, with two of them being highly critical (CVSS 10). These could lead to corporate server network takeover.
An unauthenticated attacker could create an admin account with maximum privileges, researchers claim.
The rare 10/10 vulnerability on the CVSS scale affects a host of apps including ERP and CRM platforms
An unauthenticated attacker (no username or password required) can create a new SAP user with maximum privileges
Business giant SAP patches RECON bug, which impacted most of its customers and let hackers create admin accounts on SAP servers
SAP patches bug impacting most of its apps and customer base. — Business giant SAP released a patch today for a major vulnerability that impacts the vast majority of its customers.