SAP NetWeaver Contains Remotely Executable Code

Over 40,000 SAP customers need to update to the latest version to mitigate risk from remote unauthenticated attackers obtaining complete access to their SAP database. Although there is no evidence it has been exploited yet, it is only a matter of time before malicious attackers take advantage of this. Don’t let them exploit you!

The vulnerability CVE-2020-6287 AKA RECON (Remotely Exploitable Code on NetWeaver) is caused by a default component implemented in all SAP NetWeaver technology. It has been given a CVSS score of 10 meaning it is a very dangerous vulnerability to have in your business.

Source: Threatpost

Risk Crew