News

SAP fixes suspected NetWeaver zero-day exploited in attacks
SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw ...
SecurityWeek2d
SAP Zero-Day Possibly Exploited by Initial Access Broker
A zero-day vulnerability in SAP NetWeaver potentially affects more than 10,000 internet-facing applications. Over 10,000 SAP ...
CSO Online4d
SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability
The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant ...
Emergency patch for potential SAP zero-day that could grant full system control
According to SAP security platform Onapsis, the vulnerability has indeed already been exploited as a zero-day and can afford ...
SecurityWeek19h
Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks
More than 400 SAP NetWeaver servers are impacted by CVE-2025-31324, an exploited remote code execution vulnerability.
Techzine Europe1d
SAP patches zero-day vulnerability in NetWeaver, denies exploitation
SAP has released emergency patches for a critical zero-day vulnerability in NetWeaver. The security flaw allows malicious ...
InfoRiskToday1d
Threat Actors Hacking SAP Critical Zero-Day
Threat actors are exploiting a zero day flaw in a partially deprecated SAP tool still widely used by governments and ...
The Hacker News24y
New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework
The web shells grant the threat actor the ability to execute arbitrary commands in system context, with the privileges of the ...
Infosecurity Magazine24y
SAP Fixes Critical Vulnerability After Evidence of Exploitation
German software company SAP has finally disclosed and fixed a highly critical vulnerability in the NetWeaver Visual Composer ...