Onapsis, the cloud security firm, reveals that RECON allows threat actors to create an SAP user account. Moreover, the account created this way can be given maximum privileges, handing attackers complete access to the affected firm's SAP resources. The main culprit is a default component found in every SAP application that runs on the NetWeaver Java technology stack. This component ships with some of SAP's major products, such as SAP Solution Manager (SolMan), SAP CRM, SAP S/4HANA, and SAP Enterprise Portal.
RECON Bug Scores 10 Out of 10
According to Onapsis, the RECON bug scores a perfect 10 out of 10 on the CVSSv3 vulnerability severity scale. This maximum score implies that the bug can be exploited without any particular technical knowledge, that exploitation can easily be automated for remote attacks, and, crucially, that an attacker does not need an SAP account or any kind of valid credentials to reach the vulnerable component. The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (DHS CISA) has in fact issued a strict warning urging firms to deploy the available patches as soon as possible, since Onapsis has also warned that attackers can gain complete access to a firm's SAP accounts through the RECON bug. Source – ZDNet