Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
10 out of 10! SAP releases security patches for critical vulnerabilities in NetWeaver.

10 September 2025 10:13

SAP released security updates on Tuesday addressing a range of vulnerabilities. Three of them, all particularly critical, affect the SAP NetWeaver environment.

These vulnerabilities could allow an attacker to execute arbitrary code and to upload arbitrary files without meaningful restrictions.

This follows the active exploitation of a critical flaw in SAP S/4HANA (CVE-2025-42957, CVSS score 9.9) that the company recently patched. Pathlock and SecurityBridge had raised awareness of that issue shortly before, with patches released only a few days later.

SAP has also fixed a further highly critical vulnerability in the SAP S/4HANA platform (CVE-2025-42916, CVSS score 8.1). It could be exploited by an attacker with elevated ABAP reporting permissions to delete data from database tables of their choice, provided those tables were not covered by a dedicated permission group.

The vulnerabilities are listed below:

  • CVE-2025-42944 (CVSS score: 10.0) – A deserialization vulnerability in SAP NetWeaver that could allow an unauthenticated attacker to send a malicious payload to an open port via the RMI-P4 module, resulting in the execution of operating system commands.
  • CVE-2025-42922 (CVSS score: 9.9) – An insecure file operations vulnerability in SAP NetWeaver AS Java that could allow an authenticated attacker as a non-administrator to upload an arbitrary file.
  • CVE-2025-42958 (CVSS score: 9.1) – A missing authentication check vulnerability in the SAP NetWeaver application on IBM i-series that could allow unauthorized users with elevated privileges to read, modify, or delete sensitive information, as well as access administrative or privileged functionality.

“CVE-2025-42944 allows an unauthenticated attacker to execute arbitrary operating system commands by sending a malicious payload to an open port,” Onapsis said. “A successful exploit can lead to complete application compromise. As a temporary workaround, customers should add P4 port filtering at the ICM level to prevent unknown hosts from connecting to the P4 port.”
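As an added example (not code from the article, SAP or Onapsis), the following Python script audits an SAP instance profile for P4 listeners that lack the ICM-level host filtering the workaround describes. It assumes the icm/server_port_<n> parameter syntax with PROT, PORT and an optional ACLFILE sub-option, and an ACL file made of permit/deny lines followed by a CIDR network, evaluated top to bottom with the first match winning. Every path, port, network and address in it is constructed sample data.

```python
"""Added example: audit an SAP instance profile for P4 ports without ICM host filtering.

Assumptions (not taken from the article): the profile uses the
``icm/server_port_<n> = PROT=...,PORT=...[,ACLFILE=...]`` syntax, and the ACL
file holds ``permit``/``deny`` lines with a CIDR network, first match wins.
All paths, ports, networks and addresses below are constructed sample data.
"""
import ipaddress
import re

# Constructed instance-profile excerpt: one unfiltered P4 port, one filtered by an
# ACL that lacks a closing deny-all rule, one filtered by an ACL that has it.
PROFILE = """\
# constructed profile excerpt
icm/server_port_0 = PROT=HTTP,PORT=50000
icm/server_port_1 = PROT=P4,PORT=50004
icm/server_port_2 = PROT=P4,PORT=50014,ACLFILE=/usr/sap/SID/SYS/global/security/data/p4_open.acl
icm/server_port_3 = PROT=P4,PORT=50024,ACLFILE=/usr/sap/SID/SYS/global/security/data/p4_strict.acl
"""

# Constructed ACL file contents, keyed by the path referenced in the profile.
ACL_FILES = {
    "/usr/sap/SID/SYS/global/security/data/p4_open.acl":
        "permit 10.10.0.0/16   # admin network\n",
    "/usr/sap/SID/SYS/global/security/data/p4_strict.acl":
        "permit 10.10.0.0/16   # admin network\n"
        "deny   0.0.0.0/0      # everything else\n",
}

# Address from the RFC 5737 documentation range, standing in for an "unknown host".
UNKNOWN_HOST = "203.0.113.7"

PORT_RE = re.compile(r"^\s*icm/server_port_\d+\s*=\s*(.+?)\s*$")


def parse_server_ports(profile_text):
    """Return one dict of upper-cased sub-options per icm/server_port_<n> line."""
    ports = []
    for line in profile_text.splitlines():
        m = PORT_RE.match(line)
        if not m:
            continue
        opts = {}
        for item in m.group(1).split(","):
            key, _, value = item.partition("=")
            opts[key.strip().upper()] = value.strip()
        ports.append(opts)
    return ports


def parse_acl(text):
    """Parse 'permit|deny <network>' lines (assumed syntax); '#' starts a comment."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        action, network = line.split()[:2]
        rules.append((action.lower(), ipaddress.ip_network(network, strict=False)))
    return rules


def acl_allows(rules, host):
    """First matching rule wins. A host matching no rule is treated as allowed,
    the conservative choice for an audit: an ACL without an explicit catch-all
    deny is flagged rather than silently trusted."""
    ip = ipaddress.ip_address(host)
    for action, network in rules:
        if ip in network:
            return action == "permit"
    return True


def audit(profile_text, acl_files):
    """Return (port, finding) pairs for P4 listeners reachable from an unknown host."""
    findings = []
    for opts in parse_server_ports(profile_text):
        if not opts.get("PROT", "").upper().startswith("P4"):
            continue
        port = opts.get("PORT", "?")
        acl_path = opts.get("ACLFILE")
        if not acl_path:
            findings.append((port, "no ACLFILE: P4 port accepts connections from any host"))
            continue
        rules = parse_acl(acl_files.get(acl_path, ""))
        if acl_allows(rules, UNKNOWN_HOST):
            findings.append((port, f"ACL {acl_path} does not deny unknown hosts"))
    return findings


if __name__ == "__main__":
    for port, finding in audit(PROFILE, ACL_FILES):
        print(f"port {port}: {finding}")
```

Run against the constructed data, the script flags port 50004 (no ACL at all) and port 50014 (an ACL that permits the admin network but never denies the rest), while port 50024 passes because its ACL closes with a deny-all rule. On a real system the profile and ACL files would be read from disk, and the check is a quick way to confirm the workaround is in place on every instance until the patch is applied.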

SAP stresses that, for maximum protection, users should install the required updates as quickly as possible, even though there is no evidence that the recently disclosed exploits were actually used for malicious purposes.


The editorial staff of Red Hot Cyber is composed of IT and cybersecurity professionals, supported by a network of qualified sources who also operate confidentially. The team works daily to analyze, verify, and publish news, insights, and reports on cybersecurity, technology, and digital threats, with a particular focus on the accuracy of information and the protection of sources. The information published is derived from direct research, field experience, and exclusive contributions from national and international operational contexts.