SAP Patches Critical NetWeaver (CVSS Up to 10.0) and Previously Exploited S/4HANA Flaws

SAP Patches Critical NetWeaver (CVSS Up to 10.0) and Previously Exploited S/4HANA Flaws

Posted on By CWS

Sep 10, 2025Ravie LakshmananSoftware Safety / Vulnerability

SAP on Tuesday launched safety updates to handle a number of safety flaws, together with three essential vulnerabilities in SAP Netweaver that might end in code execution and the add arbitrary recordsdata.
The vulnerabilities are listed under –

CVE-2025-42944 (CVSS rating: 10.0) – A deserialization vulnerability in SAP NetWeaver that might permit an unauthenticated attacker to submit a malicious payload to an open port by means of the RMI-P4 module, leading to working system command execution
CVE-2025-42922 (CVSS rating: 9.9) – An insecure file operations vulnerability in SAP NetWeaver AS Java that might permit an attacker authenticated as a non-administrative person to add an arbitrary file
CVE-2025-42958 (CVSS rating: 9.1) – A lacking authentication examine vulnerability within the SAP NetWeaver software on IBM i-series that might permit extremely privileged unauthorized customers to learn, modify, or delete delicate data, in addition to entry administrative or privileged functionalities

“[CVE-2025-42944] permits an unauthenticated attacker to execute arbitrary OS instructions by submitting a malicious payload to an open port,” Onapsis stated. “A profitable exploit can result in full compromise of the applying. As a short lived workaround, clients ought to add P4 port filtering on the ICM degree to stop unknown hosts from connecting to the P4 port.”
Additionally addressed by SAP is a high-severity lacking enter validation bug in SAP S/4HANA (CVE-2025-42916, CVSS rating: 8.1) that might allow an attacker with excessive privilege entry to ABAP reviews to delete the content material of arbitrary database tables, ought to the tables not be protected by an authorization group.
The patches arrive days after SecurityBridge and Pathlock disclosed {that a} essential safety defect in SAP S/4HANA that was mounted by the corporate final month (CVE-2025-42957, CVSS rating: 9.9) has come beneath energetic exploitation within the wild.
Whereas there isn’t a proof that the newly disclosed points have been weaponized by unhealthy actors, it is important that customers transfer to use the required updates as quickly as doable for optimum safety.

The Hacker News Tags:, , , , , , , ,

Related Posts

Python Infostealers Expanding to macOS via Fake Ads Python Infostealers Expanding to macOS via Fake Ads The Hacker News
Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain The Hacker News
Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks The Hacker News
BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with MacOS Backdoor Malware BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with MacOS Backdoor Malware The Hacker News
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure The Hacker News
Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts— and 15 More Stories Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts— and 15 More Stories The Hacker News