“The vulnerability in SAP Netweaver, dubbed 'RECON' (Remotely Exploitable Code on NetWeaver), affects over 40.000 companies worldwide. They give attackers control over business-critical applications, including supply chain management (SCM) and enterprise resource planning (ERP). This makes the weak point more than a pure IT problem. If it is exploited, it can lead to violations of the GDPR and other consequences, as it gives criminals access to highly sensitive and private data and can also steal intellectual property, improperly approve payments or change financial data.
Criminals will not miss this lucrative opportunity. That is why companies should patch their systems as quickly as possible. "
More on this at Tenable.com