<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">kaz44</journal-id><journal-title-group><journal-title xml:lang="ru">Вестник Университета Шакарима. Серия технические науки</journal-title><trans-title-group xml:lang="en"><trans-title>Bulletin of Shakarim University. Technical Sciences</trans-title></trans-title-group></journal-title-group><issn pub-type="ppub">2788-7995</issn><issn pub-type="epub">3006-0524</issn><publisher><publisher-name>«Шәкәрім университеті» КеАҚ</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.53360/2788-7995-2024-4(16)-14</article-id><article-id custom-type="elpub" pub-id-type="custom">kaz44-1537</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>МАШИНОСТРОЕНИЕ И МЕХАНИКА (ОРИГИНАЛЬНАЯ СТАТЬЯ)</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="en"><subject>MECHANICAL ENGINEERING AND MECHANICS (ORIGINAL ARTICLE)</subject></subj-group></article-categories><title-group><article-title>АНАЛИЗ УЯЗВИМОСТИ ERP-СИСТЕМ SAP: ИССЛЕДОВАНИЕ ПРОБЛЕМЫ RECON И ЕЁ ВЛИЯНИЯ НА ИНФОРМАЦИОННУЮ БЕЗОПАСНОСТЬ</article-title><trans-title-group xml:lang="en"><trans-title>ANALYSIS OF SAP ERP SYSTEM VULNERABILITIES: INVESTIGATING THE RECON ISSUE AND ITS IMPACT ON INFORMATION SECURITY</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0009-0006-6644-1492</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Ташенов</surname><given-names>И. Х.</given-names></name><name name-style="western" xml:lang="en"><surname>Tashenov</surname><given-names>I. Kh.</given-names></name></name-alternatives><bio xml:lang="ru"><p> Ильяс Хакимович Ташенов – магистрант кафедры «Информационная безопасность»</p><p>050000, Республика Казахстан, г. Астана, ул. Пушкина, 11 </p></bio><bio xml:lang="en"><p>Ilyas Khakimovich Tashenov – master's degree student of the Department of Information Security </p><p> 050000, Republic of Kazakhstan Astana,Pushkina str., 11 </p></bio><email xlink:type="simple">Ilyas.tashenov@bk.ru</email><xref ref-type="aff" rid="aff-1"/></contrib><contrib contrib-type="author" corresp="yes"><contrib-id contrib-id-type="orcid">https://orcid.org/0000-0001-6006-4813</contrib-id><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Шайханова</surname><given-names>А. К.</given-names></name><name name-style="western" xml:lang="en"><surname>Shaikhanova</surname><given-names>A. K.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Айгуль Кайрулаевна Шайханова – PhD, профессор кафедры информационной безопасности</p><p>050000, Республика Казахстан, г. Астана, ул. Пушкина, 11 </p></bio><bio xml:lang="en"><p>Aigul Kayrulaevna Shaikhanova – PhD, Professor of the Department of Information Security </p><p> 050000, Republic of Kazakhstan Astana,Pushkina str., 11 </p></bio><email xlink:type="simple">shaikhanova_ak@enu.kz</email><xref ref-type="aff" rid="aff-1"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru">Евразийский национальный университет имени Л.Н. Гумилева<country>Казахстан</country></aff><aff xml:lang="en">L.N. Gumilyov Eurasian National University<country>Kazakhstan</country></aff></aff-alternatives><pub-date pub-type="collection"><year>2024</year></pub-date><pub-date pub-type="epub"><day>27</day><month>12</month><year>2024</year></pub-date><volume>1</volume><issue>4(16)</issue><fpage>103</fpage><lpage>110</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Ташенов И.Х., Шайханова А.К., 2025</copyright-statement><copyright-year>2025</copyright-year><copyright-holder xml:lang="ru">Ташенов И.Х., Шайханова А.К.</copyright-holder><copyright-holder xml:lang="en">Tashenov I.K., Shaikhanova A.K.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://tech.vestnik.shakarim.kz/jour/article/view/1537">https://tech.vestnik.shakarim.kz/jour/article/view/1537</self-uri><abstract><p>Киберугрозы становятся всё более изощрёнными, представляя значительный риск для корпоративных систем управления ресурсами (ERP), таких как SAP, которые обеспечивают критически важные процессы крупных организаций. Одной из самых серьёзных уязвимостей в SAP является RECON (CVE-2020-6287), получившая максимальную оценку 10 по шкале CVSSv3. Такая высокая оценка указывает на критическую опасность уязвимости, позволяющей злоумышленникам, не имеющим авторизации, получить административный доступ к системам. Это может привести к утечкам конфиденциальных данных, дестабилизации бизнес-процессов и компрометации финансовой информации.</p><p>Для решения проблемы RECON в статье рассматриваются три ключевых инструмента. INSTANT RECON от Onapsis обеспечивает быстрое выявление уязвимости, минимизируя временной лаг между её обнаружением и устранением. Offline Security предлагает методы защиты от угроз, применяемые в изолированных системах. SAP Enterprise Threat Detection (ETD) позволяет мониторить активность в реальном времени, предотвращая потенциальные атаки. Эти инструменты играют важнейшую роль в защите данных и обеспечении стабильности бизнес-процессов. Их использование помогает повысить устойчивость ERP-систем перед внутренними и внешними угрозами, укрепляя общую информационную безопасность организаций.Эти инструменты играют важную роль в предотвращении атак, повышении безопасности ERP-систем и защите данных от внутренних и внешних угроз. Их применение укрепляет общий уровень кибербезопасности компании, предотвращая катастрофические сбои и экономические потери.</p></abstract><trans-abstract xml:lang="en"><p>Cyber threats are becoming increasingly sophisticated, posing a significant risk to enterprise resource planning (ERP) systems, such as SAP, which support the critical processes of large organizations. One of the most serious vulnerabilities in SAP is RECON (CVE-2020-6287), which received the maximum score of 10 on the CVSSv3 scale. Such a high rating indicates the critical danger of the vulnerability, allowing unauthorized attackers to gain administrative access to the systems. This can lead to data leaks, destabilization of business processes, and compromise of financial information.To address the RECON issue, the article examines three key tools. INSTANT RECON from Onapsis ensures rapid vulnerability detection, minimizing the time lag between discovery and remediation. Offline Security offers threat protection methods applied in isolated systems. SAP Enterprise Threat Detection (ETD) allows monitoring activity in real-time, preventing potential attacks. These tools play a crucial role in data protection and ensuring the stability of business processes. Their use helps enhance the resilience of ERP systems against internal and external threats, strengthening the overall information security of organizations.</p></trans-abstract><kwd-group xml:lang="ru"><kwd>системы управления ресурсами</kwd><kwd>бизнес-процессы</kwd><kwd>контроль доступа</kwd><kwd>безопасность данных</kwd><kwd>безопасность приложений</kwd><kwd>уязвимость</kwd><kwd>INSTANT RECON</kwd><kwd>Offline Security</kwd><kwd>аналитика</kwd></kwd-group><kwd-group xml:lang="en"><kwd>resource management systems</kwd><kwd>business processes</kwd><kwd>access control</kwd><kwd>data security</kwd><kwd>application security</kwd><kwd>vulnerability</kwd><kwd>INSTANT RECON</kwd><kwd>Offline Security</kwd><kwd>analytics</kwd></kwd-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">Davenport T.H. Implementing Enterprise Systems in Enterprises / T.H. Davenport // Harvard Business Review. – 1998. – Р. 121-131. https://maaw.info/ArticleSummaries/ArtSumDavenport98.htm</mixed-citation><mixed-citation xml:lang="en">Davenport T.H. Implementing Enterprise Systems in Enterprises / T.H. Davenport // Harvard Business Review. – 1998. – Р. 121-131. https://maaw.info/ArticleSummaries/ArtSumDavenport98.htm</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">Rein Schmidt J. Securing SAP Applications Using a Secure Software Lifecycle / J. ReinSchmidt, G. François. – 2019. – 256 p.</mixed-citation><mixed-citation xml:lang="en">Rein Schmidt J. Securing SAP Applications Using a Secure Software Lifecycle / J. ReinSchmidt, G. François. – 2019. – 256 p.</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">U.S. Department of Commerce. (2018). Enterprise Resource Planning (ERP) Planning Guide. – 189 p.</mixed-citation><mixed-citation xml:lang="en">U.S. Department of Commerce. (2018). Enterprise Resource Planning (ERP) Planning Guide. – 189 p.</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">SAP Company Website. URL: https://me.sap.com/notes/2934135 (date of application: 01.09.2024).</mixed-citation><mixed-citation xml:lang="en">SAP Company Website. URL: https://me.sap.com/notes/2934135 (date of application: 01.09.2024).</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">SAP SE. (2021). SAP ERP Central Component (SAP ECC). URL: https://www.sap.com/centralasia-caucasus/index.html?url_id=auto_hp_redirect_central-asia-caucasus (date of application: 01.09.2024).</mixed-citation><mixed-citation xml:lang="en">SAP SE. (2021). SAP ERP Central Component (SAP ECC). URL: https://www.sap.com/centralasia-caucasus/index.html?url_id=auto_hp_redirect_central-asia-caucasus (date of application: 01.09.2024).</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">SAP Security Community. URL: https://pages.community.sap.com/topics/security (date of application: 04.09.2024).</mixed-citation><mixed-citation xml:lang="en">SAP Security Community. URL: https://pages.community.sap.com/topics/security (date of application: 04.09.2024).</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Onapsis Research Labs. (2020). RECON: URL: https://onapsis.com/threat-research/recon/ (date of application: 15.09.2024).</mixed-citation><mixed-citation xml:lang="en">Onapsis Research Labs. (2020). RECON: URL: https://onapsis.com/threat-research/recon/ (date of application: 15.09.2024).</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">Common Vulnerabilities and Exposures (CVE). (2020). Details of CVE-2020-6287. URL: https://www.securitylab.ru/news/510313.php (date of application: 27.09.2024).</mixed-citation><mixed-citation xml:lang="en">Common Vulnerabilities and Exposures (CVE). (2020). Details of CVE-2020-6287. URL: https://www.securitylab.ru/news/510313.php (date of application: 27.09.2024).</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">National Vulnerability Database NIST. (2020). NVD – CVE-2020-6287. URL: https://nvd.nist.gov/vuln/detail/CVE-2020-6287 (date of application: 27.09.2024).</mixed-citation><mixed-citation xml:lang="en">National Vulnerability Database NIST. (2020). NVD – CVE-2020-6287. URL: https://nvd.nist.gov/vuln/detail/CVE-2020-6287 (date of application: 27.09.2024).</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">Offline Security. URL: https://github.com/offlinesec/offlinesec-client (date of application: 28.09.2024).</mixed-citation><mixed-citation xml:lang="en">Offline Security. URL: https://github.com/offlinesec/offlinesec-client (date of application: 28.09.2024).</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">Onapsis. (2021). URL: https://onapsis.com/ (date of application: 01.10.2024).</mixed-citation><mixed-citation xml:lang="en">Onapsis. (2021). URL: https://onapsis.com/ (date of application: 01.10.2024).</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">INSTANT RECON. URL: https://github.com/chipik/SAP_RECON/tree/master (date of application: 01.10.2024).</mixed-citation><mixed-citation xml:lang="en">INSTANT RECON. URL: https://github.com/chipik/SAP_RECON/tree/master (date of application: 01.10.2024).</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">SAPinsider. (2021). Complete Guide to SAP Security. URL: https://sapinsider.org/ (date of application: 05.10.2024)</mixed-citation><mixed-citation xml:lang="en">SAPinsider. (2021). Complete Guide to SAP Security. URL: https://sapinsider.org/ (date of application: 05.10.2024)</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru"></mixed-citation><mixed-citation xml:lang="en"></mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
