RedShield develops 'virtual shield' to protect against SAP RECON vulnerability

24 Jul 2020

New Zealand-based security firm RedShield has developed a ‘virtual shield’ that addresses major vulnerabilities within SAP.

SAP recently shared details of the RECON vulnerability in its SAP NetWeaver Application Server (AS) Java LM Configuration Wizard, a component that is critical to the SAP stack.

The vulnerability (CVE-2020-6287) could allow attackers to take over SAP systems by remotely accessing the server. As many as 40,000 SAP customers and 2500 systems could be affected by the vulnerability.

According to RedShield, SAP NetWeaver Java is a base layer for many SAP products.

Attackers who exploit the vulnerability may be able to leverage the connected systems and access further business-critical data and Personally Identifiable Information (PII). They could also potentially access, delete, or manipulate financial records and banking details, and perform other administrative functions such as deleting or modifying database records, traces, logs, and other files.

RedShield chief executive officer Andy Prow says SAP customers must stay protected and alert.

“However, the reason we see so many organisations struggling to act and apply patches quickly is because of the potential business risks and what downstream impact may be caused.”

“Because applying these patches can be difficult and take time, we’ve seen some organisations attempt to block access to the affected SAP services; however, this is a heavy-handed response, and often is untenable as a long-term solution. We’ve also seen some organisations introduce pre-authentication by allowing only authenticated users to access the server; however, this assumes the malicious user has not already gained authentication and is also not a viable solution in all cases.”

He adds that vulnerability shielding involves injecting code in front of the vulnerable application to fully remediate the attack. 

“The most important factor is that the shield requires zero-touch to the application, meaning vulnerabilities are removed without the risk and interruption caused by touching systems like SAP.”

He explains that by deploying a shield object to shield the RECON vulnerability without affecting SAP application code, protection can be fast and effective. 

“We can provide immediate peace of mind with our shielding approach. With the shield(s) in place, the customer may still upgrade or patch the systems behind the shields, but they can do so in a planned and managed way, over time.” 

RedShield says it can deploy shields for both legacy and new SAP applications, as well as APIs. Depending on the shielding architecture needed, implementation can be completed within hours, well within the 24-hour timeframe recommended by the Cybersecurity and Infrastructure Security Agency (CISA).
