From bleepingcomputer.com
![SAP](https://www.bleepstatic.com/content/hl-images/2019/05/02/SAP.jpg)
Just two days after SAP released patches for a critical NetWeaver AS JAVA remote code execution vulnerability, proof-of-concept (PoC) exploits have been released, and active scans are underway to exploit devices.
Discovered by Onapsis, The RECON (Remotely Exploitable Code On NetWeaver) vulnerability is tracked as CVE-2020-6287 and is rated with a maximum CVSS score of 10 out of 10.