Enterprise software maker SAP on Tuesday released 16 new and two updated security notes as part of its May 2025 Security Patch Day. Two of the notes address critical vulnerabilities in NetWeaver.
The most severe is an update to a note released on April 24 to address CVE-2025-31324 (CVSS score of 10/10), a critical-severity bug in NetWeaver’s Visual Composer development server component that has been exploited in the wild since January for remote code execution (RCE).
Hundreds of NetWeaver servers have been compromised through CVE-2025-31324’s exploitation, and application security firm Onapsis warns that opportunistic attackers are looking to leverage webshells deployed during the initial zero-day attacks.
The company is seeing “significant activity from attackers who are using public information to trigger exploitation and abuse of webshells placed by the original attackers, who have currently gone dark.”
Analysis of the attacks has led to the discovery of another critical defect in NetWeaver’s Visual Composer. Tracked as CVE-2025-42999 (CVSS score of 9.1) and described as an insecure deserialization issue, the vulnerability was resolved with the second critical security note released on SAP’s May 2025 Security Patch Day.
“SAP did a fantastic job responding quickly to new information and turned around an additional patch to enhance protections for the active exploit in the wild,” Onapsis says.
Since the April 2025 security notes were rolled out, SAP also updated two critical notes addressing code injection issues in S/4HANA (CVE-2025-27429) and Landscape Transformation (CVE-2025-31330). Despite the different CVEs, the notes resolve the same flaw.
On Tuesday, SAP released four new and one updated security notes that address high-severity bugs in Supplier Relationship Management, S/4HANA Cloud Private Edition or On Premise, Business Objects Business Intelligence Platform, Landscape Transformation, and PDCE.
The software maker also released 11 new security notes that resolve medium-severity vulnerabilities in various products.
SAP customers are advised to apply the security notes as soon as possible, especially given the ongoing exploitation of CVE-2025-31324.