Onapsis recently discovered a critical vulnerability of the SAP (CVE-2020-6287 or RECON), which gives attackers complete control over vulnerable business applications. It enables hackers to gain unauthenticated access to SAP, and then create new user accounts with privileges of admin (superuser). A malicious hacker can inflict massive damages with these privileges, including stealing data, changing bank account numbers, altogether sabotaging systems, etc.