SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution.
The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization.
„Due to a deserialization vulnerability in SAP NetWeaver, an
https://thehackernews.com/2025/10/new-sap-netweaver-bug-lets-attackers.html