News

Infosecurity Magazine6d

SAP S/4HANA Users Urged to Patch Critical Exploited Bug

“SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This ...
SecurityWeek5d

SAP Patches Critical NetWeaver Vulnerabilities

SAP announced 21 new and four updated security notes, including four notes that address critical-severity vulnerabilities in ...
American Hospital Association5d

H-ISAC TLP White Threat Bulletin: Critical SAP S/4HANA Vulnerability Actively Exploited (CVE-2025-42957) Sept. 9, 2025

Exploitation of the SAP S/4HANA flaw, tracked as CVE-2025-42957, has been disclosed. The vulnerability allows code injection and privilege escalation, potentially giving a low-privileged user full ...

Critical SAP S/4HANA vulnerability now exploited in attacks

A critical SAP S/4HANA code injection vulnerability is being leveraged in attacks in the wild to breach exposed servers, ...

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the ...