News

SAP warns of high-severity vulnerabilities in multiple products

As hackers exploit a high-severity vulnerability in SAP’s flagship Enterprise Resource Planning software product, the ...
Infosecurity Magazine4d

SAP S/4HANA Users Urged to Patch Critical Exploited Bug

“SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This ...
The Hacker News2d

SAP Patches Critical NetWeaver (CVSS Up to 10.0) and High-Severity S/4HANA Flaws

SAP patches critical NetWeaver and S/4HANA flaws (CVSS 8.1–10.0), preventing code execution, file upload, and data loss.

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the ...
American Hospital Association3d

H-ISAC TLP White Threat Bulletin: Critical SAP S/4HANA Vulnerability Actively Exploited (CVE-2025-42957) Sept. 9, 2025

Exploitation of the SAP S/4HANA flaw, tracked as CVE-2025-42957, has been disclosed. The vulnerability allows code injection and privilege escalation, potentially giving a low-privileged user full ...

Critical SAP S/4HANA vulnerability now exploited in attacks

A critical SAP S/4HANA code injection vulnerability is being leveraged in attacks in the wild to breach exposed servers, ...
CSO Online9d

Alert: Exploit available to threat actors for SAP S/4HANA critical vulnerability

“While widespread exploitation has not yet been reported,” Germany-based SecurityBridge said in a blog on Thursday, it has ...

SAP users patch now - worrying S/4HANA vulnerability being exploited in the wild

S/4HANA, SAP’s Enterprise Resource Planning (ERP) software suite, was carrying a critical vulnerability which allowed threat actors to fully take over vulnerable endpoints. The company has now ...