New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

Updated on October 15, 2025

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution.
The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization.
“Due to a deserialization vulnerability in SAP NetWeaver, an…

Read the rest of the story at Read More

Source: The Hacker News

October 17, 2025 Uncategorized

North Korean Hackers Combine BeaverTail ...

June 18, 2025 Uncategorized

Iran Slows Internet to Prevent Cyber Att...

October 18, 2024 Uncategorized

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

Related posts

North Korean Hackers Combine BeaverTail ...

Iran Slows Internet to Prevent Cyber Att...

The Ultimate DSPM Guide: Webinar on Buil...

Leave a Comment Cancel reply

Recent News

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows

ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves

CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat

New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices

Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt

TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign

Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices

WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide