SAP reports a critical SAP S/4HANA cloud flaw (CVE-2025-42957, CVSS 9.9) is being exploited in the wild, letting low-privileged users inject ABAP via RFC and gain admin control. Patch released Aug 12; no workarounds.
Discussion
No replies yet.
SAP reports a critical SAP S/4HANA cloud flaw (CVE-2025-42957, CVSS 9.9) is being exploited in the wild, letting low-privileged users inject ABAP via RFC and gain admin control. Patch released Aug 12; no workarounds.
No replies yet.