News

Critical SAP S/4HANA vulnerability now exploited in attacks

A critical SAP S/4HANA code injection vulnerability is being leveraged in attacks in the wild to breach exposed servers, ...
TechJuice1d

NCERT Warns Of A Code Injection Vulnerability Affecting Worldwide

NCERT has warned Pakistani enterprises of a S/4HANA vulnerability that can inject a malicious ABAP code via RFC.
The Hacker News5d

SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild

A critical security vulnerability impacting SAP S/4HANA, an Enterprise Resource Planning (ERP) software, has come under ...
Infosecurity Magazine2d

SAP S/4HANA Users Urged to Patch Critical Exploited Bug

“SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This ...
The Hacker News5h

SAP Patches Critical NetWeaver (CVSS Up to 10.0) and High-Severity S/4HANA Flaws

SAP patches critical NetWeaver and S/4HANA flaws (CVSS 8.1–10.0), preventing code execution, file upload, and data loss.
SecurityWeek22h

SAP Patches Critical NetWeaver Vulnerabilities

SAP announced 21 new and four updated security notes, including four notes that address critical-severity vulnerabilities in ...

SAP users patch now - worrying S/4HANA vulnerability being exploited in the wild

S/4HANA, SAP’s Enterprise Resource Planning (ERP) software suite, was carrying a critical vulnerability which allowed threat ...
American Hospital Association15h

H-ISAC TLP White Threat Bulletin: Critical SAP S/4HANA Vulnerability Actively Exploited (CVE-2025-42957) Sept. 9, 2025

Exploitation of the SAP S/4HANA flaw, tracked as CVE-2025-42957, has been disclosed. The vulnerability allows code injection and privilege escalation, potentially giving a low-privileged user full ...