SAP has urged users to immediately patch a critical vulnerability, CVE-2020-6287, that gives a remote, unauthenticated attacker (no email, no password needed) unrestricted access to SAP systems with the ability to steal data, change financial details or simply bring systems to a juddering halt. Yes, it’s that bad.
Read full article on CBR – CyberSecurity News