News

The Hacker News4d

SAP Patches Critical NetWeaver (CVSS Up to 10.0) and High-Severity S/4HANA Flaws

SAP patches critical NetWeaver and S/4HANA flaws (CVSS 8.1–10.0), preventing code execution, file upload, and data loss.
Infosecurity Magazine6d

SAP S/4HANA Users Urged to Patch Critical Exploited Bug

“SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This ...
American Hospital Association4d

H-ISAC TLP White Threat Bulletin: Critical SAP S/4HANA Vulnerability Actively Exploited (CVE-2025-42957) Sept. 9, 2025

Exploitation of the SAP S/4HANA flaw, tracked as CVE-2025-42957, has been disclosed. The vulnerability allows code injection and privilege escalation, potentially giving a low-privileged user full ...

SAP warns of high-severity vulnerabilities in multiple products

As hackers exploit a high-severity vulnerability in SAP’s flagship Enterprise Resource Planning software product, the ...
The Hacker News9d

SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild

A critical security vulnerability impacting SAP S/4HANA, an Enterprise Resource Planning (ERP) software, has come under ...

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the ...
CSOonline1y

SAP patches critical bugs allowing full system compromise

SAP has sealed a bunch of severe bugs affecting its systems, including two critical vulnerabilities that can allow full system compromise. On its Security Patch Day for August 2024, the software giant ...