SAP has launched its July 2025 Safety Patch Day replace, addressing a major variety of vulnerabilities throughout its enterprise software program portfolio.
The excellent safety replace contains 27 new Safety Notes and three updates to beforehand launched patches, with seven vulnerabilities categorized as vital based mostly on their CVSS scores.
Essentially the most extreme vulnerability, affecting SAP Provider Relationship Administration (Dwell Public sale Cockpit), has obtained the utmost CVSS rating of 10.0, indicating the pressing want for quick patching throughout SAP environments worldwide.
Key Takeaways1. SAP launched 27 new Safety Notes plus 3 updates on July 8, 2025.2. Seven vital vulnerabilities recognized, with CVE-2025-30012 scoring most CVSS 10.0.3. Impacts main SAP merchandise together with S/4HANA, NetWeaver, ABAP Platform, and SAPCAR.4. Rapid patch deployment is really useful for vital authentication and injection vulnerabilities.
Important SAP SRM Vulnerability (CVE-2025-30012)
The seven vital vulnerabilities recognized on this patch cycle pose vital dangers to SAP environments and require quick administrative motion.
Essentially the most extreme menace comes from CVE-2025-30012, a a number of vulnerability subject in SAP Provider Relationship Administration (Dwell Public sale Cockpit) affecting SRM_SERVER model 7.14.
The vulnerability is especially regarding on account of its most CVSS rating of 10.0, indicating that it presents an especially excessive danger to affected programs with potential for full system compromise.
The vulnerability is a part of a broader safety concern that encompasses a number of associated CVEs, together with CVE-2025-30009, CVE-2025-30010, CVE-2025-30011, and CVE-2025-30018.
This interconnected nature means that the vulnerability impacts a number of parts or features throughout the Dwell Public sale Cockpit, doubtlessly creating a number of assault vectors that malicious actors might exploit concurrently.
Six Further Important Flaws
Six extra vital vulnerabilities, all scoring 9.1 on the CVSS scale, goal varied parts of SAP’s infrastructure.
CVE-2025-42967 addresses a code injection vulnerability in SAP S/4HANA and SAP SCM (Attribute Propagation), affecting a number of variations together with SCMAPO 713-714, S4CORE 102-104, and S4COREOP 105-108.
The remaining vital vulnerabilities concentrate on insecure deserialization points throughout SAP NetWeaver Enterprise Portal parts, together with CVE-2025-42980 within the Federated Portal Community, CVE-2025-42964 in Portal Administration, CVE-2025-42966 in XML Knowledge Archiving Service, and CVE-2025-42963 within the Log Viewer software for Java environments.
Excessive and Medium Severity Flaws
Excessive-priority vulnerabilities embody CVE-2025-42959, which addresses lacking authentication checks in SAP NetWeaver ABAP Server and ABAP Platform throughout a number of SAP_BASIS variations starting from 700 to 915.
This vulnerability scores 8.1 on the CVSS scale and impacts a broad vary of SAP installations.
Medium-priority vulnerabilities embody a various vary of safety points, together with Cross-Website Scripting (XSS) vulnerabilities equivalent to CVE-2025-42969 in SAP NetWeaver Software Server ABAP and CVE-2025-42962 in SAP Enterprise Warehouse.
Listing traversal vulnerabilities affecting SAPCAR (CVE-2025-42970) and privilege escalation points (CVE-2025-43001) additional display the great nature of this safety replace.
The SAPCAR utility, important for SAP bundle administration, requires consideration throughout variations 7.53 and seven.22EXT to deal with a number of safety issues together with reminiscence corruption (CVE-2025-42971) and insecure file operations.
CVEsProductTypeCVSS 3.1 ScoreCVE-2025-30012SAP Provider Relationship Administration (Dwell Public sale Cockpit)A number of Vulnerabilities10.0 (Important)CVE-2025-42967SAP S/4HANA and SAP SCM (Attribute Propagation)Code Injection9.1 (Important)CVE-2025-42980SAP NetWeaver Enterprise Portal Federated Portal NetworkInsecure Deserialization9.1(Important)CVE-2025-42964SAP NetWeaver Enterprise Portal AdministrationInsecure Deserialization9.1 (Important)CVE-2025-42966SAP NetWeaver (XML Knowledge Archiving Service)Insecure Java Deserialization9.1 (Important)CVE-2025-42963SAP NetWeaver Software Server for Java (Log Viewer)Unsafe Java Deserialization9.1 (Important)CVE-2025-42959SAP NetWeaver ABAP Server and ABAP PlatformMissing Authentication Check8.1 (Excessive)CVE-2025-42953SAP NetWeaver Software Server for ABAPMissing Authorization Check8.1 (Excessive)CVE-2024-53677SAP Enterprise Objects Enterprise Intelligence Platform (CMC)Insecure File Operations8.0 (Excessive)CVE-2025-42952SAP Enterprise Warehouse and SAP Plug-In BasisMissing Authorization Check7.7 (Excessive)CVE-2025-42977SAP NetWeaver Visible ComposerDirectory Traversal7.6 (Excessive)CVE-2025-43001SAPCARMultiple Privilege Escalation6.9 (Medium)CVE-2025-42993SAP S/4HANA (Enterprise Occasion Enablement)Lacking Authorization Check6.7 (Medium)CVE-2025-42981SAP NetWeaver Software Server ABAPMultiple Vulnerabilities6.1(Medium)CVE-2025-42969SAP NetWeaver Software Server ABAP and ABAP PlatformCross-Website Scripting (XSS)6.1 (Medium)CVE-2025-42962SAP Enterprise Warehouse (Enterprise Explorer Internet 3.5 loading animation)Cross-Website Scripting (XSS)6.1(Medium)CVE-2025-42985SAP BusinessObjects Content material Administrator workbenchOpen Redirect6.1(Medium)CVE-2025-42970SAPCARDirectory Traversal5.8 (Medium)CVE-2025-42979SAP GUI for WindowsInsecure Key & Secret Management5.6(Medium)CVE-2025-42973SAP Knowledge Companies (DQ Report)Cross-Website Scripting (XSS)5.4 (Medium)CVE-2025-42968SAP NetWeaver (RFC enabled operate module)Lacking Authorization Check5.0 (Medium)CVE-2025-42961SAP NetWeaver Software Server for ABAPMissing Authorization Check4.9 (Medium)CVE-2025-42960SAP Enterprise Warehouse and SAP BW/4HANA BEx ToolsMissing Authorization Check4.3 (Medium)CVE-2025-42986SAP NetWeaver and ABAP PlatformMissing Authorization Check4.3 (Medium)CVE-2025-42974SAP NetWeaver and ABAP Platform (SDCCN)Lacking Authorization Check4.3 (Medium)CVE-2025-31326SAP BusinessObjects Enterprise Intelligence Platform (Internet Intelligence)HTML Injection4.1 (Medium)CVE-2025-42965SAP BusinessObjects BI Platform Central Administration Console Promotion Administration ApplicationServer Facet Request Forgery (SSRF)4.1(Medium)CVE-2025-42971SAPCARMemory Corruption4.0 (Medium)CVE-2025-42978SAP NetWeaver Software Server JavaInsufficiently Safe Hostname Verification for Outbound TLS Connections3.5 (Low)CVE-2025-42954SAP NetWeaver Enterprise Warehouse (CCAW software)Denial of Service (DoS)2.7 (Low)
Rapid Patching Required
SAP has emphasised the vital significance of making use of these safety patches instantly, significantly given the severity of the recognized vulnerabilities.
The corporate strongly recommends that clients go to the Assist Portal and prioritize patch implementation to guard their SAP panorama from potential safety breaches.
The broad scope of affected merchandise, starting from SAP_BASIS parts to specialised functions like Enterprise Objects Enterprise Intelligence Platform, underscores the significance of complete patch administration methods.
The updates deal with elementary safety issues, together with authentication bypasses, authorization failures, and injection vulnerabilities that would doubtlessly compromise complete SAP environments.
Unique Webinar Alert: Harnessing Intel® Processor Improvements for Superior API Safety – Register for Free
