vulnerability impacting the LM Configuration Wizard component
in NetWeaver Application Server (AS) Java platform, allowing an
unauthenticated attacker to take control of SAP applications.
The bug, dubbed RECON and tracked as CVE-2020-6287, is
rated with a maximum CVSS score of 10 out of 10, potentially
affecting over 40,000 SAP customers, according to cybersecurity
firm Onapsis, which uncovered the flaw [2].
“If successfully exploited, a remote, unauthenticated attacker can
obtain unrestricted access to SAP systems through the creation of
high-privileged users and the execution of arbitrary operating
system commands with the privileges of the SAP service user
account, which has unrestricted access to the SAP database and is
able to perform application maintenance activities, such as
shutting down federated SAP applications,” the US Cybersecurity and
Infrastructure Security Agency (CISA) said in an advisory.
“The confidentiality, integrity, and availability of the data
and processes hosted by the SAP application are at risk by this
vulnerability,” it added.
The vulnerability is present by default in SAP applications
running on top of SAP NetWeaver AS Java 7.3 through 7.5 (i.e. 7.3
and newer releases), putting several SAP business solutions at risk,
including but not limited to SAP Enterprise Resource Planning, SAP
Product Lifecycle Management, SAP Customer Relationship Management,
SAP Supply Chain Management, SAP Business Intelligence, and SAP
Enterprise Portal.
According to Onapsis, RECON stems from missing authentication in a
web component of SAP NetWeaver AS Java, which lets an attacker who
has never logged in perform high-privileged activities on a
susceptible SAP system.
“A remote, unauthenticated attacker can exploit this
vulnerability through an HTTP interface, which is typically exposed
to end users and, in many cases, exposed to the internet,” CISA
said.
By exploiting the flaw to create a new SAP user with maximum
privileges, the intruder gains full control of the SAP installation:
arbitrary operating system commands, modification or extraction of
highly sensitive information, and disruption of critical business
processes all become possible from that account.
Although there’s no evidence of any active exploitation of the
vulnerability, CISA cautioned that the patches’ availability could
make it easier for adversaries to reverse-engineer the flaw to
create exploits and target unpatched systems.
Given the severity of RECON, organizations are advised to apply the
critical patches as soon as possible, to scan SAP systems for all
known vulnerabilities, and to review those systems for malicious or
excessive user authorizations, since a freshly created
high-privileged account is the trace this attack leaves behind.
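The review of user authorizations recommended above, as an added example that is not part of the original article and not code from Onapsis, CISA or SAP: a small Python script that scans a constructed user export for privileged accounts created during an assumed exposure window by a creator that is not a known provisioning identity. The CSV layout, role names, creator identities, timestamps and cutoff date are all assumptions made for this example, not SAP's real user-management export format.

```python
import csv
import io
from datetime import datetime, timezone

# Constructed sample export (columns: user id, role, creation time in UTC,
# creating account). The layout and the role names are assumptions for this
# example, not SAP's actual export format.
SAMPLE_EXPORT = """\
user_id,role,created_at,created_by
J2EE_ADMIN,Administrator,2019-03-02T10:15:00Z,INSTALLER
jdoe,Everyone,2020-05-11T08:02:00Z,J2EE_ADMIN
svc_backup,Administrator,2020-07-14T23:41:00Z,UNKNOWN
tmp01,Administrator,2020-07-15T03:09:00Z,UNKNOWN
asmith,Everyone,2020-07-15T09:00:00Z,J2EE_ADMIN
"""

# Roles that give unrestricted control of the AS Java instance (assumed name).
PRIVILEGED_ROLES = {"Administrator"}

# Start of the assumed exposure window: accounts created before it are
# treated as pre-existing and are not flagged.
CUTOFF = datetime(2020, 7, 1, tzinfo=timezone.utc)

# Identities that legitimately create accounts on this system (assumed).
KNOWN_CREATORS = {"INSTALLER", "J2EE_ADMIN"}


def parse_export(text):
    """Parse the CSV export into a list of dicts, converting the timestamp
    column into a timezone-aware datetime."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        # fromisoformat does not accept a trailing "Z", so normalise it.
        row["created_at"] = datetime.fromisoformat(
            row["created_at"].replace("Z", "+00:00")
        )
        rows.append(row)
    return rows


def find_suspicious_admins(rows, cutoff=CUTOFF, known_creators=KNOWN_CREATORS):
    """Return the ids of accounts that hold a privileged role, were created
    at or after the cutoff, and were created by an identity that is not in
    the allow-list of known provisioning accounts.

    All three conditions must hold: a privileged account created by the
    normal admin during the window is expected churn, and an old privileged
    account is outside the window regardless of who created it."""
    flagged = []
    for row in rows:
        if row["role"] not in PRIVILEGED_ROLES:
            continue
        if row["created_at"] < cutoff:
            continue
        if row["created_by"] in known_creators:
            continue
        flagged.append(row["user_id"])
    return sorted(flagged)


if __name__ == "__main__":
    for user in find_suspicious_admins(parse_export(SAMPLE_EXPORT)):
        print(f"review: privileged account {user} created during exposure window")
```

Running the script against the constructed export flags svc_backup and tmp01 and leaves J2EE_ADMIN (created before the window) and the unprivileged users alone. On a real system the export, the role names and the creator allow-list have to come from your own user management data, and a hit is a prompt for investigation, not proof of compromise.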
References
[1] critical vulnerability (wiki.scn.sap.com)
[2] uncovered the flaw (www.onapsis.com)
[3] advisory (us-cert.cisa.gov)
Read more http://feedproxy.google.com/~r/TheHackersNews/~3/AT46X4fKSJo/sap-netweaver-vulnerability.html