As hackers exploit a high-severity vulnerability in SAP’s flagship Enterprise Resource Planning software product, the software maker is warning users of more than two dozen newly detected vulnerabilities in its other widely used products, including a security flaw with a maximum-severity rating of 10.
SAP on Tuesday said the highest-severity vulnerability with a rating of 10 out of a possible 10 was found in NetWeaver, a platform that serves as the technical foundation for many of the company’s other enterprise applications. The vulnerability, tracked as CVE-2025-42944, makes it possible for unauthenticated attackers to execute commands by submitting malicious payloads to an open port.
The maximum-severity threat stems from a deserialization vulnerability. Serialization is a coding process that translates data structures and object states into formats that can be stored or transmitted and then reconstructed later. Deserialization is the process in reverse.
Read full article
Comments
Published: 2025-09-09T19:55:22