News

SecurityWeek2d

SAP Patches Critical NetWeaver Vulnerabilities

SAP announced 21 new and four updated security notes, including four notes that address critical-severity vulnerabilities in ...

SAP warns of high-severity vulnerabilities in multiple products

As hackers exploit a high-severity vulnerability in SAP’s flagship Enterprise Resource Planning software product, the ...
American Hospital Association2d

H-ISAC TLP White Threat Bulletin: Critical SAP S/4HANA Vulnerability Actively Exploited (CVE-2025-42957) Sept. 9, 2025

Exploitation of the SAP S/4HANA flaw, tracked as CVE-2025-42957, has been disclosed. The vulnerability allows code injection and privilege escalation, potentially giving a low-privileged user full ...
Infosecurity Magazine3d

SAP S/4HANA Users Urged to Patch Critical Exploited Bug

“SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This ...

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the ...

SAP users patch now - worrying S/4HANA vulnerability being exploited in the wild

S/4HANA, SAP’s Enterprise Resource Planning (ERP) software suite, was carrying a critical vulnerability which allowed threat actors to fully take over vulnerable endpoints. The company has now ...
Threat Post5y

Critical SAP Bug Allows Full Enterprise System Takeover

Exploitation of the bug can allow an attacker to lift sensitive information, delete files, execute code, carry out sabotage and more. A critical vulnerability, carrying a severity score of 10 out of ...