SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under ...
BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual Composer Metadata Uploader Researchers claim there are 1,200 vulnerable ...
A member of the Executive Board of SAP AG, Shai Agassi is the person most responsible for SAP's NetWeaver platform. It was Agassi who first introduced the idea of an application and integration ...
SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in April Fortune 500 companies are apparently at risk SAP has patched a critical ...
Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers. SAP ...
SAP has issued fixes for 21 newly reported security flaws across its enterprise software, including four critical vulnerabilities in NetWeaver, which underpins many of the company’s flagship ...
This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. A second wave of cyberattacks is targeting a ...
The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant full access to servers and allow installing additional malware payloads.
The enterprise software vendor bundled 25 security patches into its March update, addressing flaws that impact middleware, interfaces, custom apps, and more. SAP has patched high-severity ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback