Critical, Make-Me-Super-User SAP S/4HANA Bug Being Exploited

Critical, make-me-super-user SAP S/4HANA bug being exploited

: 9.9-rated flaw on the loose, so patch now

Critical SAP S/4HANA vulnerability now exploited in attacks

A critical SAP S/4HANA code injection vulnerability is being leveraged in attacks in the wild to breach exposed servers, researchers warn.

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

Experts warn of an actively exploited vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), in SAP S/4HANA software. A critical command injection vulnerability, tracked as CVE-2025-42957 (CVSS score of 9.9), in SAP S/4HANA is under active exploitation. An attacker can exploit this flaw… Read more → The post Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation appeared first on IT Security News.

Critical, make-me-super-user SAP S/4HANA bug under active exploitation

9.9-rated flaw on the loose, so patch now A critical code-injection bug in SAP S/4HANA that allows low-privileged attackers to take over your SAP system is being actively exploited, according to security researchers. . . .

Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957) - Help Net Security

A critical vulnerability (CVE-2025-42957) in SAP S/4HANA enterprise resource planning software is being exploited by attackers “to a limited extent”, the Dutch National Cyber Security Center (NCSC NL) has warned on Friday. Their alert seems to be based on a report by SecurityBridge’s Threat Research Labs, who professedly verified that the exploit for the flaw is being used in the wild. About CVE-2025-42957 CVE-2025-42957 is a code injection vuln…