Proof-of-Concept Exploit Script Available for Critical SAP...
Last week, a researcher named Dmitry Chastuhin published a proof-of-concept exploit script for CVE-2020-6207, a critical missing authentication check vulnerability in the SAP Solution Manager. The vulnerability, which received a CVSSv3 score of 10.0, was patched back in March 2020.
Discovery of the vulnerability is credited to Pablo Artuso and Yvan Genuer of Onapsis. For context, Onapsis also discovered and disclosed another missing authentication vulnerability, identified as CVE-2020-6287 and dubbed “RECON” by the researchers, which was patched last July. RECON is at least the second notable missing authentication vulnerability in SAP products patched in the last year.
For more information about CVE-2020-6207, including the availability of patches and Tenable product coverage, please visit our blog.