Recently Discovered SAP Bug Allows Anybody Without Technical Knowledge to Hack Business Applications
An application security firm, Onapsis Research Labs, discovered a critical SAP bug, CVE-2020-6287, codenamed RECON bug. The vulnerability allows a remote unauthenticated attacker to gain unrestricted access to SAP systems without a username or password.