'RECON' Vulnerability Exposes Thousands of SAP Systems to Attacks
A serious vulnerability that could impact thousands of organizations can allow hackers to take complete control of SAP systems.
Onapsis says more than 40,000 SAP customers could be affected by the RECON bug, and the cybersecurity firm estimates that at least 2,500 vulnerable systems can be targeted directly from the internet, including in North America, Europe and the Asia-Pacific region.
A remote and unauthenticated attacker who has access to the targeted system can exploit the vulnerability to create a new SAP admin user, allowing them to bypass access and authorization controls and gain full control of the SAP system.
Onapsis has pointed out that malicious actors could leverage the fact that the RECON flaw impacts SAP Process Integration, a module that facilitates business process integrations and communications, and SAP Solution Manager, which provides a central management interface for SAP and non-SAP systems.
"The way SAP applications are opened to the internet in the form of SAP Enterprise Portals, combined with integration technologies such as SAP SolMan or SAP Process Integration, creates an environment in which the exploitation of a CVSS 10 vulnerability can ultimately lead to business data and PII being compromised," Onapsis said in its report.