SAP Vulnerability RECON – Onapsis remediates with SAP – Free Webinar

Posted by Martin Brownsword on 19/08/2020 11:08

If you keep up to date on SAP security, you will no doubt have heard over the last few weeks about a critical vulnerability found in an SAP component included in many SAP applications. The vulnerability has even acquired a trendy name RECON, which stands for (Remotely Exploitable Code On NetWeaver). As you have probably deduced, this vulnerability resides inside SAP NetWeaver, in fact, SAP NetWeaver Java versions from 7.30 to 7.50 (or the latest version). As you already know, SAP NetWeaver is the base layer for numerous SAP products and solutions, meaning that a broad range of products could be impacted. These include, but are not limited to:

SAP Enterprise Resource Planning (ERP)
SAP Supply Chain Management (SCM)
SAP CRM (Java Stack)
SAP Enterprise Portal
SAP HR Portal
SAP Solution Manager (SolMan) 7.2
SAP Landscape Management (SAP LaMa)
SAP Process Integration/Orchestration (SAP PI/PO)
SAP Supplier Relationship Management (SRM)
SAP NetWeaver Mobile Infrastructure (MI)
SAP NetWeaver Development Infrastructure (NWDI)
SAP NetWeaver Composition Environment (CE)

Since SAP Solution Manager (SolMan) is affected and deployed in almost every SAP environment, it is a safe assumption that almost every SAP customer running the Business Suite and S/4HANA has at least one system affected by this vulnerability. This vulnerability can be exploited by remote, unauthenticated attackers and systems exposed to untrusted networks such as the internet could be opportunistically targeted by attackers.

Fortunately, our new partner, Onapsis, identified this vulnerability in May this year and together with SAP, they have worked on developing a remediation in the form of a SAP Security note, which was released a few weeks ago. On September 25^th, Onapsis will be holding a webinar together with SBN in which you can learn:

Details of the RECON vulnerability
The business impact
Why patching SAP is so important
Recommendations for keeping SAP protected
How to protect your SAP system from future threats

I would highly recommend that all members and partners who are interested in how we should be keeping SAP systems secure and in compliance attend this free webinar.

Please use the following link to register:
https://sbn.no/no/catalog/products/onapsis-2020

For more information on RECON and Onapsis please use the following link to the Onapsis website:
https://onapsis.com/recon-sap-cyber-security-vulnerability

SBN Webinar: Onapsis - RECON and other SAP vulnerabilities

2020-09-25 13:00

Webinar by SBN & Onapsis

Prepare your SAP system to deal with key security vulnerabilities – the latest vulnerability has been named RECON and will likely affect thousands of SAP customers globally. Hear from our new partner Onapsis on how you should deal with RECON and similar security threats and how to prevent them in the future.

More news in the same category

See all news

Tags: it, hana, projects, onapsis