A critical SAP S/4HANA vulnerability (CVE-2025-42957) is being actively exploited, allowing attackers to take full control of affected systems. Organizations should monitor for signs of compromise and apply the latest security patches to mitigate risks. #CVE202542957 #SAPExploit
Keypoints
- The vulnerability CVE-2025-42957 was fixed by SAP in August after being responsibly disclosed in June.
- Exploitation enables attackers to execute arbitrary code, delete or insert data, create privileged users, and download password hashes.
- SecurityBridge has confirmed active exploitation in customer environments but is not revealing specific attack details.
- The vulnerability is of low complexity and can be exploited by skilled professionals with security expertise.
- Organizations should check logs for indicators such as suspicious RFC calls, new admin accounts, and unexpected code changes.
Read More: https://www.securityweek.com/recent-sap-s-4hana-vulnerability-exploited-in-attacks/