TechRadar

Watch out - this SAP NetWeaver bug has a maximum severity score, and it could target your servers next

SAP patched CVE-2025-42944, a critical flaw allowing unauthenticated OS command execution Two more severe vulnerabilities affect SAP Print Service and Supplier Relationship Management modules ...
The Hacker News

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The ...
Reuters

Exclusive: SAP offers concessions in bid to address EU antitrust concerns, sources say

EU looking at business practices related to software sales European Commission has questioned companies about SAP, Oracle Concessions could avert an investigation and possible heavy fine BRUSSELS, ...
The Hacker News

SAP Patches Critical NetWeaver (CVSS Up to 10.0) and High-Severity S/4HANA Flaws

SAP on Tuesday released security updates to address multiple security flaws, including three critical vulnerabilities in SAP Netweaver that could result in code execution and the upload arbitrary ...
Ars Technica

SAP warns of high-severity vulnerabilities in multiple products

As hackers exploit a high-severity vulnerability in SAP’s flagship Enterprise Resource Planning software product, the software maker is warning users of more than two dozen newly detected ...
Bleeping Computer

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. SAP NetWeaver is the foundation for SAP's business ...
Infosecurity-magazine.com

Public Exploit Released for Critical SAP NetWeaver Flaw

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...
SecurityWeek

New Exploit Poses Threat to SAP NetWeaver Instances

A new public exploit chains two critical flaws in SAP NetWeaver, exposing unpatched instances to code execution attacks. Dozens of SAP NetWeaver instances are susceptible to compromise after a threat ...
aha.org

H-ISAC TLP White Threat Bulletin: Publicly Available Exploit Code Chains Critical SAP NetWeaver Flaws

On August 15, 2025, exploit code was released that chains two critical vulnerabilities in SAP NetWeaver’s Visual Composer to bypass authentication and achieve remote code execution. The flaws, tracked ...
EDN

Intrexx Offers the First Programming-free Generic Adapter for SAP NetWeaver Gateway

United Planet (http://www.unitedplanet.com), one of the leading developers of enterprise portal software in Europe, has introduced the first programming-free generic ...
TechRadar

Hackers hit SAP security bug to send out nasty Linux malware

A critical flaw in SAP NetWeaver is still being abused, months after patching Researchers saw it used to deploy Auto-Color This backdoor remains dormant when not in use A vulnerability in SAP ...