Threat Post

SAP Stomps Out Critical RCE Flaw in Manufacturing Software

The remote code execution flaw could allow attackers to deploy malware, modify network configurations and view databases. Enterprise software giant SAP pushed out fixes for a critical-severity ...
Bleeping Computer

SAP fixes critical bugs in Business Client, Commerce, and NetWeaver

SAP's security updates for this month address multiple critical vulnerabilities. The most serious of them, rated with the highest severity score, affects the company's Business Client product. Two ...
Bleeping Computer

SAP fixes suspected NetWeaver zero-day exploited in attacks

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under ...
Infosecurity-magazine.com

Public Exploit Released for Critical SAP NetWeaver Flaw

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...
TechRadar

This critical security flaw is letting SAP users get around authentication

SAP has fixed more than a dozen security vulnerabilities, including two critical-severity ones which could have allowed threat actors to take full control over a flawed endpoint. In a security ...
CSOonline

Patch Tuesday priorities: Vulnerabilities in SAP NetWeaver and Microsoft NTLM and Hyper-V

NetWeaver AS Java hole, rated severity 10, allows an unauthenticated attacker to execute arbitrary OS commands, and NTLM bug is rated likely for exploitation, warn security vendors. CISOs with SAP ...