Much has already been said about the recently disclosed SAP vulnerability known as SAP RECON, so we won't zoom in on the technical details here. If you want more background, follow the links below.
What is more important to know is that SAP has ranked this vulnerability as a HotNews note, its highest risk category. Moreover, publicly available exploits have been published (for example, here and here), which makes exploitation easier and puts it within reach of a broad audience. The release of these exploits, combined with the severity of the vulnerability, should get your basis team running to patch it sooner rather than later.
To demonstrate how easy exploitation is, we have provided a video below that uses the publicly available exploit by @_chipik. This short video shows the remote creation of a user with the administrator role in the SAP Java stack, without any authentication.
Now that we know how easy it is to exploit this vulnerability and gain access to your business-critical SAP systems, there is only one thing left to do.
Patch, patch, patch…
For more information, see the SAP Note on the SAP Support Launchpad: https://launchpad.support.sap.com/#/notes/0002947895
Additionally, feel free to request a completely free and fully functional version of Protect4S to detect this vulnerability, and around 1,800 others, in your SAP landscape.