SBN Webinar: Onapsis - RECON and other SAP vulnerabilities

Start: 25/09 13:00

Onapsis - RECON and other SAP vulnerabilities

September 25, 13:00-14:00

SAP’s July Security Notes included a fix for a critical vulnerability which has been named RECON. Successfully exploiting RECON could give an unauthenticated attacker full access to the affected SAP system, including the ability to modify financial records, view personal identifiable information (PII), corrupt data, delete or modify logs and traces, and other actions that put essential business operations and regulatory compliance at risk. Note that on the Common Vulnerability Scoring System (CVSS) RECON has been classified as 10, the maximum vulnerability score.

The Onapsis Research Labs first identified this vulnerability in May 2020 and has worked closely with the SAP Security Response Team on a mitigation strategy.  By attending this webinar, you will learn:


  • Details of the RECON vulnerability
  • The business impact
  • Why patching SAP is so important
  • Recommendations for keeping SAP protected
  • How to protect your SAP system from future threats

Presented by:

Frederik WeidemannFrederik Weidemann
Onapsis Inc.

Frederik is a cybersecurity expert and Chief Technical Evangelist at Onapsis. He presented over 50 times at SAP and security related conferences like RSA, Troopers, SAPPHIRE, TechEd, SAP Insider, ASUG, DSAG, and OWASP. He has focused on SAP Security for the last fourteen years and is the co-author of the first book on Secure ABAP Programming. Frederik also frequently writes articles on SAP security and has found numerous zero-day defects in business-critical applications. 

The event was evaluated Fantastic = 6,5 on a scale 1-7.

Recording: [slides]


Contact Martin if you have questions or comments.

Martin BrownswordMartin Brownsword
Head of Innovation Team IT, HANA, Projects
SBN - SAP Brukerforening i Norge
+47 917 11 593

Tags: it, hana, projects, onapsis

Number of participants: 31

  • Sakthivel Sivaguru  
  • Øyvind Nordang  
  • Febrianti Wibawa  
  • Joachim Kaland  
  • Tor Einar Jørgensen  
    Helse Midt-Norge
  • Thomas Bladh  
  • Donnie Lund  
  • Piotr Cieslewicz  
  • Andreas Moos  
  • Paul Hemelsoet  
    Statkraft AS
  • Trygve Leivestad  
    Orkla IT AS
  • Simon Rudkin  
    Aibel AS
  • Satkardeep Singh  
  • Hildegunn Haugestøl  
  • Amund Skaar-Hval  
  • Sonja Hennie Hansen  
    Helse Midt-Norge
  • Knut Selliseth  
    Helse Midt Norge
  • Eigil Bjelde Jensen  
    Norske Skog AS
  • Yngve Karlsen  
    Aker BP
  • Lenny Hidalgo  
  • Sarmad Reda  
  • Troels Lindgaard  
  • Eva-Maria Fahrer  
  • Jan Peter Koch  
    Statkraft AS
  • Therese Malcho  
    Nets Denmark A/S
  • Jurijs Tolokoncevs  
    Zalaris ASA
  • Lars Grorud  
  • Diwakar Thanikachalam  
    Zalaris ASA
  • Martin Brownsword  
  • Jens Petter Karlsen  
    Accenture AS
  • Peter Jaeger  
    itelligence Nordic