Bulletin of Shakarim University. Technical Sciences

ANALYSIS OF SAP ERP SYSTEM VULNERABILITIES: INVESTIGATING THE RECON ISSUE AND ITS IMPACT ON INFORMATION SECURITY

https://doi.org/10.53360/2788-7995-2024-4(16)-14

Abstract

Cyber threats are becoming increasingly sophisticated and pose a significant risk to enterprise resource planning (ERP) systems such as SAP, which support the critical processes of large organizations. One of the most serious vulnerabilities in SAP is RECON (CVE-2020-6287), which received the maximum score of 10 on the CVSSv3 scale. This rating reflects the critical danger of the vulnerability, which allows unauthorized attackers to gain administrative access to the systems. This can lead to data leaks, destabilization of business processes, and compromise of financial information.
To address the RECON issue, the article examines three key tools. INSTANT RECON from Onapsis ensures rapid vulnerability detection, minimizing the time lag between discovery and remediation. Offline Security offers threat protection methods applied in isolated systems. SAP Enterprise Threat Detection (ETD) makes it possible to monitor activity in real time and prevent potential attacks. These tools play a crucial role in protecting data and keeping business processes stable. Their use helps make ERP systems more resilient against internal and external threats, strengthening the overall information security of organizations.

About the Authors

I. Kh. Tashenov
L.N. Gumilyov Eurasian National University
Kazakhstan

Ilyas Khakimovich Tashenov – master's degree student of the Department of Information Security

050000, Republic of Kazakhstan, Astana, Pushkina str., 11

A. K. Shaikhanova
L.N. Gumilyov Eurasian National University
Kazakhstan

Aigul Kayrulaevna Shaikhanova – PhD, Professor of the Department of Information Security

050000, Republic of Kazakhstan, Astana, Pushkina str., 11

For citations:


Tashenov I.Kh., Shaikhanova A.K. ANALYSIS OF SAP ERP SYSTEM VULNERABILITIES: INVESTIGATING THE RECON ISSUE AND ITS IMPACT ON INFORMATION SECURITY. Bulletin of Shakarim University. Technical Sciences. 2024;1(4(16)):103-110. (In Russ.) https://doi.org/10.53360/2788-7995-2024-4(16)-14

This work is licensed under a Creative Commons Attribution 4.0 License.


ISSN 2788-7995 (Print)
ISSN 3006-0524 (Online)