Tag: sap
-
SAP Pushes Emergency Patch for 9.9 Rated CVE-2025-42887 After Full Takeover Risk
CVE 2025 42887 vulnerability, rated 9.9, allows code injection through Solution Manager giving attackers full SAP control urgent patch needed to block system takeover. First seen on hackread.com Jump to article: hackread.com/sap-patch-cve-2025-42887-takeover-vulnerability/
-
SAP Pushes Emergency Patch for 9.9 Rated CVE-2025-42887 After Full Takeover Risk
CVE 2025 42887 vulnerability, rated 9.9, allows code injection through Solution Manager giving attackers full SAP control urgent patch needed to block system takeover. First seen on hackread.com Jump to article: hackread.com/sap-patch-cve-2025-42887-takeover-vulnerability/
-
Retail giant Kingfisher rejects SAP ERP upgrade plan
Tags: sap‘Don’t just give me a price list or licensing module that spikes cost by 20x, show me the value,’ says CTO First seen on theregister.com Jump to article: www.theregister.com/2025/11/12/retail_giant_kingfisher_says_no/
-
SAP fixed a maximum severity flaw in SQL Anywhere Monitor
SAP fixed 19 security issues, including a critical flaw in SQL Anywhere Monitor with hardcoded credentials that could enable remote code execution. SAP addressed 19 security vulnerabilities, including a critical flaw in SQL Anywhere Monitor, with the release of November 2025 notes. The vulnerability, tracked as CVE-2025-42890 (CVSS score of 10/10), is an insecure key…
-
SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor
SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor and a critical code injection issue in the Solution Manager platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sap-fixes-hardcoded-credentials-flaw-in-sql-anywhere-monitor/
-
SAP Releases Security Update to Fix Critical Code Execution and Injection Flaws
SAP has released a significant security update addressing 18 new vulnerabilities across its enterprise software portfolio, including several critical flaws related to code execution and data injection. This monthly security patch day features four high-severity vulnerabilities that require immediate attention from organizations utilizing SAP infrastructure. The most severe vulnerabilities have a CVSS score of 10.0,…
-
SAP Releases Security Update to Fix Critical Code Execution and Injection Flaws
SAP has released a significant security update addressing 18 new vulnerabilities across its enterprise software portfolio, including several critical flaws related to code execution and data injection. This monthly security patch day features four high-severity vulnerabilities that require immediate attention from organizations utilizing SAP infrastructure. The most severe vulnerabilities have a CVSS score of 10.0,…
-
SAP users still wrestling with business case for S/4HANA
A decade later, ERP giant struggles to convince legacy customers to upgrade First seen on theregister.com Jump to article: www.theregister.com/2025/10/17/sap_s4hana_business_case/
-
SAP zero-day wake-up call: Why ERP systems need a unified defense
In this Help Net Security video, Paul Laudanski, Director of Research at Onapsis, discusses key lessons from the SAP zero-day vulnerability. He explains why business-critical … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/17/sap-zero-day-security-video/
-
SAP zero-day wake-up call: Why ERP systems need a unified defense
In this Help Net Security video, Paul Laudanski, Director of Research at Onapsis, discusses key lessons from the SAP zero-day vulnerability. He explains why business-critical … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/17/sap-zero-day-security-video/
-
SAP zero-day wake-up call: Why ERP systems need a unified defense
In this Help Net Security video, Paul Laudanski, Director of Research at Onapsis, discusses key lessons from the SAP zero-day vulnerability. He explains why business-critical … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/17/sap-zero-day-security-video/
-
Frightful Patch Tuesday gives admins a scare with 175+ Microsoft CVEs, 3 under attack
Plus: Adobe, SAP, Ivanti offer treats, not tricks First seen on theregister.com Jump to article: www.theregister.com/2025/10/14/microsoft_october_2025_patch_tuesday/
-
SAP Patchday Oktober 2025 10.0-Schwachstelle in SAP Netweaver wird erneut gepatcht
First seen on security-insider.de Jump to article: www.security-insider.de/sap-patchday-oktober-2025-netweaver-updates-a-293e84f7bbc70e6f65cf25c84b1d65b0/
-
SAP fixed maximum-severity bug in NetWeaver
SAP addressed 13 new flaws, including a maximum severity vulnerability in SAP NetWeaver, which could lead to arbitrary command execution. SAP addressed 13 new vulnerabilities, including a maximum severity issue, tracked as CVE-2025-42944 (CVSS score of 10.0) in SAP NetWeaver. The vulnerability is an insecure deserialization that could lead to arbitrary command execution. >>Due to a deserialization…
-
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login
SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution.The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization.”Due to a deserialization vulnerability in…
-
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login
SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution.The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization.”Due to a deserialization vulnerability in…
-
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login
SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution.The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization.”Due to a deserialization vulnerability in…
-
SAP NetWeaver Memory Corruption Flaw Lets Attackers Send Corrupted Logon Tickets
A newly disclosed vulnerability in SAP NetWeaver AS ABAP and ABAP Platform (CVE-2025-42902) allows unauthenticated attackers to crash server processes by sending malformed SAP Logon or SAP Assertion Tickets. RatedMediumseverity with a5.3CVSS 3.1 score, the flaw stems from a NULL pointer dereference that triggers memory corruption and process termination. Affected versions include all supported releases…
-
SAP NetWeaver Memory Corruption Flaw Lets Attackers Send Corrupted Logon Tickets
A newly disclosed vulnerability in SAP NetWeaver AS ABAP and ABAP Platform (CVE-2025-42902) allows unauthenticated attackers to crash server processes by sending malformed SAP Logon or SAP Assertion Tickets. RatedMediumseverity with a5.3CVSS 3.1 score, the flaw stems from a NULL pointer dereference that triggers memory corruption and process termination. Affected versions include all supported releases…
-
SAP NetWeaver Memory Corruption Flaw Lets Attackers Send Corrupted Logon Tickets
A newly disclosed vulnerability in SAP NetWeaver AS ABAP and ABAP Platform (CVE-2025-42902) allows unauthenticated attackers to crash server processes by sending malformed SAP Logon or SAP Assertion Tickets. RatedMediumseverity with a5.3CVSS 3.1 score, the flaw stems from a NULL pointer dereference that triggers memory corruption and process termination. Affected versions include all supported releases…
-
Boomi führt Change Data Capture für SAP-Daten ein Echtzeit-Einblicke für die agentische Transformation
SAP-Kunden können nun in Echtzeit auf Daten aus ECC, S/4HANA und BW zugreifen ohne Code und mit integrierter CDC für intelligentere Entscheidungen in KI und Analytics First seen on infopoint-security.de Jump to article: www.infopoint-security.de/boomi-fuehrt-change-data-capture-fuer-sap-daten-ein-echtzeit-einblicke-fuer-die-agentische-transformation/a42303/
-
SAP-Kunden: Anforderungen nach Souveränität werden immer stärker
Tags: sapAngesichts einer unsicheren Weltlage wollen SAP-Kunden aller Branchen mehr Souveränität. Golem hat auf der SAP Connect in Las Vegas nachgefragt. First seen on golem.de Jump to article: www.golem.de/news/sap-kunden-anforderungen-nach-souveraenitaet-werden-immer-staerker-2510-200848.html
-
EU probes SAP over anti-competitive ERP support practices
The European Comission is investigating potential anti-competitive practices in aftermarket services SAP provides for its on-premise ERP software. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/eu-probes-sap-over-anti-competitive-erp-support-practices/
-
Jaguar Land Rover nach Cyberattacke weiter lahmgelegt
Ein Cyberangriff auf den britischen Autohersteller Jaguar Land Rover hat zu einem Produktionsstopp geführt.Der britische Automobilhersteller Jaguar Land Rover hat wegen einer Cyberattacke Anfang September 2025 schwere Störungen bei Produktion und Verkauf hinnehmen müssen.Wie das Unternehmen damals mitteilte, wurden die Systeme heruntergefahren, um den Schaden zu begrenzen. “Wir arbeiten jetzt rasch daran, um unsere weltweit…
-
SAP Patchday September 2025 – Einfach ausnutzbare Schwachstelle in SAP Netweaver CVSS 10.0
First seen on security-insider.de Jump to article: www.security-insider.de/sap-patchday-september-2025-netweaver-updates-a-e69ad257d378b5c5894c836edda50797/
-
SAP Issues Critical Security Patch for NetWeaver and Other Products, Warns of CVE-2025-42944
SAP has released a new security update addressing a broad range of vulnerabilities across its product ecosystem. Among the most alarming is a critical vulnerability identified in SAP NetWeaver, tracked as CVE-2025-42944, which has received the highest possible severity rating of CVSS 10.0. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/sap-patches-cve-2025-42944/
-
This Patch Tuesday, SAP is the worst offender and Microsoft users can kinda chill
ERP giant patches flaw that allows total takeover of NetWeaver, Microsoft has nothing under attack for once First seen on theregister.com Jump to article: www.theregister.com/2025/09/10/microsoft_patch_tuesday/