iThome Online

SAP修補NetWeaverNetWeaver AS Java重大層級漏洞

本週SAP發布9月份每月例行更新(Security Patch Day),其中修補3項重大層級漏洞CVE-2025-42944、CVE-2025-42922、 CVE-2025-42958,其中又以CVE-2025-42944風險值達到滿分,最為危險 ...
iThome Online

SAP修補NetWeaver、列印服務、供應鏈關係管理平臺重大漏洞

SAP修補NetWeaver、列印服務、供應鏈關係管理平臺重大漏洞 SAP發布10月例行更新(Security Patch Day),其中最特別的公告在於,該公司為了上個月修補的滿分漏洞CVE-2025-42944發布新的公告,為NetWeaver AS Java導入新的安全強化機制 文/ 周峻佑 | 2025-10-15 發表 ...
Bleeping Computer

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. SAP NetWeaver is the foundation for SAP's business ...
Infosecurity-magazine.com

Public Exploit Released for Critical SAP NetWeaver Flaw

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...
Dark Reading

SAP NetWeaver Visual Composer Flaw Under Active Exploitation

Attackers are actively exploiting a recently patched zero-day vulnerability in SAP's NetWeaver Visual Composer Web-based software modeling tool. CVE-2025-31324 is a critical vulnerability with a ...
TechRadar

Watch out - this SAP NetWeaver bug has a maximum severity score, and it could target your servers next

SAP patched CVE-2025-42944, a critical flaw allowing unauthenticated OS command execution Two more severe vulnerabilities affect SAP Print Service and Supplier Relationship Management modules ...