Just two days after SAP released patches for a critical NetWeaver AS JAVA remote code execution vulnerability, proof-of-concept (PoC) exploits have been released, and active scans are underway to exploit devices.

Discovered by Onapsis, The RECON (Remotely Exploitable Code On NetWeaver) vulnerability is tracked as CVE-2020-6287 and is rated with a maximum CVSS score of 10 out of 10.

If exploited, it could allow unauthenticated, remote attackers to gain full access to the vulnerable systems. These systems could then be used as launching pads for further attacks within a corporate network.

Another vulnerability tracked as CVE-2020-6286 was


Kurt Bauschardt/Flickr

Contributing Correspondent Gretchen Vogel talks about what can be learned from schools around the world that have reopened during the coronavirus pandemic. Unfortunately, few systematic studies have been done, but observations of outbreaks in schools in places such as France or Israel do offer a few lessons for countries looking to send children back to school soon. The United Kingdom and Germany have started studies of how the virus spreads in children and at school, but results are months away. In the meantime, Gretchen’s reporting suggests small class sizes, masks, and social distancing among adults at schools