TechJuice

NCERT Warns Of A Code Injection Vulnerability Affecting Worldwide

NCERT has warned Pakistani enterprises of a S/4HANA vulnerability that can inject a malicious ABAP code via RFC.

SAP users patch now - worrying S/4HANA vulnerability being exploited in the wild

SAP patches critical S/4HANA flaw which allowed full system takeover Attackers can inject ABAP code and bypass authorization using RFC Some systems remain unpatched, and confirmed abuse has already ...
The Register on MSN

Critical, make-me-super-user SAP S/4HANA bug under active exploitation

A critical code-injection bug in SAP S/4HANA that allows low-privileged attackers to take over your SAP system is being actively exploited, according to security researchers.… SAP issued a patch for ...

Critical SAP S/4HANA vulnerability is attacked

Attackers are now abusing a critical vulnerability in SAP's S/4HANA. A patch from the August patchday closes it.
heise online

SAP Patchday: Critical vulnerabilities allow malicious code to be injected

In August, SAP issues 15 new security notes on vulnerabilities in its products. Some of them pose a critical risk. SAP's August Patchday brings 15 new security notes that address, among other things, ...
American Hospital Association

H-ISAC TLP White Threat Bulletin: Critical SAP S/4HANA Vulnerability Actively Exploited (CVE-2025-42957) Sept. 9, 2025

Exploitation of the SAP S/4HANA flaw, tracked as CVE-2025-42957, has been disclosed. The vulnerability allows code injection and privilege escalation, potentially giving a low-privileged user full ...
CSOonline

Alert: Exploit available to threat actors for SAP S/4HANA critical vulnerability

SAP S/4HANA admins who haven’t already installed a critical August 11 patch could be in trouble: An exploit for the code injection vulnerability is already being exploited in the wild. The ...