SAP users patch now - worrying S/4HANA vulnerability being exploited in the wild

S/4HANA, SAP’s Enterprise Resource Planning (ERP) software suite, was carrying a critical vulnerability which allowed threat actors to fully take over vulnerable endpoints. The company has now ...
TechJuice

NCERT Warns Of A Code Injection Vulnerability Affecting Worldwide

NCERT has warned Pakistani enterprises of a S/4HANA vulnerability that can inject a malicious ABAP code via RFC.
The Register on MSN

Critical, make-me-super-user SAP S/4HANA bug under active exploitation

A critical code-injection bug in SAP S/4HANA that allows low-privileged attackers to take over your SAP system is being actively exploited, according to security researchers.… SAP issued a patch for ...

Critical SAP S/4HANA vulnerability is attacked

Attackers are now abusing a critical vulnerability in SAP's S/4HANA. A patch from the August patchday closes it.
heise online

SAP Patchday: Critical vulnerabilities allow malicious code to be injected

In August, SAP issues 15 new security notes on vulnerabilities in its products. Some of them pose a critical risk. SAP's August Patchday brings 15 new security notes that address, among other things, ...

Shaping the Future of SAP Integration by Sridhar Jampani

Sridhar Jampani, a seasoned SAP ABAP Technical Consultant with 19 years of experience, is based in Dublin, USA. With an academic foundation that includes a Master of Science and Bachelor of Science in ...
American Hospital Association

H-ISAC TLP White Threat Bulletin: Critical SAP S/4HANA Vulnerability Actively Exploited (CVE-2025-42957) Sept. 9, 2025

Exploitation of the SAP S/4HANA flaw, tracked as CVE-2025-42957, has been disclosed. The vulnerability allows code injection and privilege escalation, potentially giving a low-privileged user full ...