News

Critical SAP S/4HANA vulnerability now exploited in attacks

A critical SAP S/4HANA code injection vulnerability is being leveraged in attacks in the wild to breach exposed servers, ...

Reports That Do More: Using SAP S/4HANA Embedded Analytics To Fuel Financial Intelligence

With more than 18 years of experience in SAP technologies, he now focuses on improving SAP reporting systems by reducing ...
CSO Online

Alert: Exploit available to threat actors for SAP S/4HANA critical vulnerability

“While widespread exploitation has not yet been reported,” Germany-based SecurityBridge said in a blog on Thursday, it has ...

SAP users patch now - worrying S/4HANA vulnerability being exploited in the wild

SAP patches critical S/4HANA flaw which allowed full system takeover Attackers can inject ABAP code and bypass authorization ...
American Hospital Association

H-ISAC TLP White Threat Bulletin: Critical SAP S/4HANA Vulnerability Actively Exploited (CVE-2025-42957) Sept. 9, 2025

Exploitation of the SAP S/4HANA flaw, tracked as CVE-2025-42957, has been disclosed. The vulnerability allows code injection and privilege escalation, potentially giving a low-privileged user full ...
The Hacker News

SAP Patches Critical NetWeaver (CVSS Up to 10.0) and High-Severity S/4HANA Flaws

SAP patches critical NetWeaver and S/4HANA flaws (CVSS 8.1–10.0), preventing code execution, file upload, and data loss.
heise online

SAP Patchday: 18 vulnerability reports, some are critical

SAP lists the individual bulletins in the patchday overview. The descriptions there do not go into great detail; admins can find these after logging into their SAP account under the SAP-linked note ...