In a paper presented at a European cyber security conference today, Fabian Hagg outlined research that chained together server-to-server communications bugs and design flaws discovered in SAP NetWeaver Application Server ABAP (AS ABAP) and ABAP Platform.
Article Link: Researcher outlines known RFC vulnerabilities in SAP software that lead to unauthenticated remote code execution | SC Media