Researcher outlines known RFC vulnerabilities in SAP software that lead to unauthenticated remote code execution

In a paper presented at a European cyber security conference today, Fabian Hagg outlined research that chained together server-to-server communications bugs and design flaws discovered in SAP NetWeaver Application Server ABAP (AS ABAP) and ABAP Platform.

application bugs code code execution communications conference cyber cyber security design flaws netweaver platform remote code remote code execution research researcher rfc sap security security awareness security conference server software vulnerabilities