TechRadar

Watch out - this SAP NetWeaver bug has a maximum severity score, and it could target your servers next

SAP patched CVE-2025-42944, a critical flaw allowing unauthenticated OS command execution Two more severe vulnerabilities affect SAP Print Service and Supplier Relationship Management modules ...
The Hacker News

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The ...
SecurityWeek

SAP Patches Critical Vulnerabilities in NetWeaver, Print Service, SRM

Business software maker SAP on Tuesday announced the release of 16 new and updated patch notes as part of its monthly rollout, including three fresh notes that address critical-severity ...
b2b-cyber-security

SAP patches two critical security vulnerabilities in September

As part of SAP Patch Day in September 2025, a total of 25 new and updated security advisories were published, including four HotNews and four High Priority Notes. Of particular focus are two critical ...
GitHub

SAP NetWeaver AS Java allows an attacker authenticated as...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
Bleeping Computer

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. SAP NetWeaver is the foundation for SAP's business ...
Infosecurity-magazine.com

Public Exploit Released for Critical SAP NetWeaver Flaw

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...
heise online

SAP Patchday: NetWeaver products are vulnerable to malware attacks

On Patchday in July, SAP developers closed a total of five "critical" security vulnerabilities. In the worst case scenario, malicious code can compromise systems. So far, there are no indications that ...
Infosecurity-magazine.com

SAP GUI Input History Found Vulnerable to Weak Encryption

Two vulnerabilities in SAP’s Graphical User Interface (SAP GUI) input history feature have been disclosed, revealing weaknesses in how sensitive user data is stored locally. The issues, discovered by ...
Yahoo Finance

Critical vulnerability in SAP NetWeaver Visual Composer leads to confirmed compromises

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. A critical vulnerability in SAP NetWeaver ...
techzine

SAP patches zero-day vulnerability in NetWeaver, denies exploitation

SAP has released emergency patches for a critical zero-day vulnerability in NetWeaver. The security flaw allows malicious files to be uploaded to the system without authentication. This makes it ...