SBN Webinar: Onapsis - RECON and other SAP vulnerabilities

Start: 25/09 13:00

Onapsis - RECON and other SAP vulnerabilities

September 25, 13:00-14:00

SAP’s July Security Notes included a fix for a critical vulnerability which has been named RECON. Successfully exploiting RECON could give an unauthenticated attacker full access to the affected SAP system, including the ability to modify financial records, view personal identifiable information (PII), corrupt data, delete or modify logs and traces, and other actions that put essential business operations and regulatory compliance at risk. Note that on the Common Vulnerability Scoring System (CVSS) RECON has been classified as 10, the maximum vulnerability score.

The Onapsis Research Labs first identified this vulnerability in May 2020 and has worked closely with the SAP Security Response Team on a mitigation strategy.  By attending this webinar, you will learn:


  • Details of the RECON vulnerability
  • The business impact
  • Why patching SAP is so important
  • Recommendations for keeping SAP protected
  • How to protect your SAP system from future threats

Presented by:

Frederik WeidemannFrederik Weidemann
Onapsis Inc.

Frederik is a cybersecurity expert and Chief Technical Evangelist at Onapsis. He presented over 50 times at SAP and security related conferences like RSA, Troopers, SAPPHIRE, TechEd, SAP Insider, ASUG, DSAG, and OWASP. He has focused on SAP Security for the last fourteen years and is the co-author of the first book on Secure ABAP Programming. Frederik also frequently writes articles on SAP security and has found numerous zero-day defects in business-critical applications. 

The event was evaluated Fantastic = 6,5 on a scale 1-7.

Recording: [slides]


Contact Martin if you have questions or comments.

Martin BrownswordMartin Brownsword
Head of Innovation Team IT, HANA, Projects
SBN - SAP Brukerforening i Norge
+47 917 11 593

Tags: it, hana, projects, onapsis

Number of participants: 31

  • Jens Petter Karlsen  
    Accenture AS
  • Eigil Bjelde Jensen  
    Norske Skog AS
  • Yngve Karlsen  
    Aker BP
  • Knut Selliseth  
    Helse Midt Norge
  • Sonja Hennie Hansen  
    Helse Midt-Norge
  • Amund Skaar-Hval  
  • Martin Brownsword  
  • Peter Jaeger  
    itelligence Nordic
  • Diwakar Thanikachalam  
    Zalaris ASA
  • Jurijs Tolokoncevs  
    Zalaris ASA
  • Lars Grorud  
  • Therese Malcho  
    Nets Denmark A/S
  • Jan Peter Koch  
    Statkraft AS
  • Simon Rudkin  
    Aibel AS
  • Hildegunn Haugestøl  
  • Eva-Maria Fahrer  
  • Troels Lindgaard  
  • Sarmad Reda  
  • Satkardeep Singh  
  • Lenny Hidalgo  
  • Trygve Leivestad  
    Orkla IT AS
  • Paul Hemelsoet  
    Statkraft AS
  • Andreas Moos  
  • Piotr Cieslewicz  
  • Donnie Lund  
  • Thomas Bladh  
  • Tor Einar Jørgensen  
    Helse Midt-Norge
  • Joachim Kaland  
  • Febrianti Wibawa  
  • Sakthivel Sivaguru  
  • Øyvind Nordang