SAP has released new security patches addressing critical vulnerabilities in NetWeaver and other enterprise systems. These flaws could allow attackers to execute arbitrary commands, access sensitive data, or compromise system availability. #NetWeaver #CVE202542944
Keypoints
- SAP announced 21 new security notes and four updates, including critical vulnerabilities in NetWeaver.
- The most severe bug (CVE-2025-42944) enables unauthenticated remote code execution via insecure deserialization.
- Exploitation of these vulnerabilities could lead to full system compromise, data breaches, and system disruptions.
- High-severity flaws are also present in Business One, SLD, Landscape Transformation, and S/4HANA systems.
- Users are urged to apply patches promptly, as threat actors are known to exploit similar vulnerabilities in the wild.
Read More: https://www.securityweek.com/sap-patches-critical-netweaver-vulnerabilities/