Following active exploitation of a high-severity vulnerability in SAP’s flagship ERP, SAP has warned customers of more than two dozen new vulnerabilities across NetWeaver and other products, including a critical flaw rated 10/10.
The most severe issue, tracked as CVE-2025-42944, resides in NetWeaver and could allow unauthenticated attackers to run arbitrary commands by sending malicious payloads to an open port. The root cause is a deserialization vulnerability.
Security researchers noted three additional high-severity NetWeaver flaws with CVSS-like ratings of 9.9, 9.6, and 9.1, underscoring the breadth of exposure across enterprise infrastructure.
Security firm SecurityBridge had previously flagged a separate high-severity vulnerability, CVE-2025-42957, in SAP S/4HANA that was under active exploitation. SAP confirmed the flaw carries a severity rating of 9.9 and affects the ERP suite used for core business processes such as finance and HR.
SAP urged customers to patch promptly and to consult its security notes for guidance. The company also highlighted additional vulnerabilities across SAP Business One, Landscape Transformation, Commerce Cloud, Datahub, and other products, with ratings ranging from 3.1 to 8.8, and called for quick mitigations.