New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

15 October 2025

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization. "Due to a deserialization vulnerability in SAP NetWeaver, an

>>More

We use cookies to ensure you get the best experience on our website. Cookie policy