SAP Issues Emergency Patch for Critical NetWeaver Zero-Day Exploit

April 25, 2025, 11:20 am

SAP has rushed an out-of-band update to address a critical NetWeaver vulnerability that could allow remote code execution. Security experts warn the zero-day flaw, reportedly already exploited in attacks, poses severe risks by potentially granting full system control. Urgent patching is urged to forestall further breaches.


theregister.com / Emergency patch for potential SAP zero-day that could grant full system control

German software giant paywalls details, but experts piece together the clues SAP's latest out-of-band patch is for a perfect 10/10 bug in NetWeaver that experts suspect could have already been exploited as a zero-day.…

bleepingcomputer.com / SAP fixes suspected Netweaver zero-day exploited in attacks

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. [...]

permalink / 2 stories from 2 sources in 4 days ago #infosec




More Top Stories...

Meta energizes developers at inaugural LlamaCon with new AI API

At its first-ever LlamaCon, Meta unveiled its Llama API along with other AI innovations to win over developers. The company flexed its AI muscle with bold new tools aimed at stirring up enthusiasm in the tech community—even as skeptics wonder if this pitch will convert hardcore rivals. More...


OpenAI Reverses ChatGPT Update Amid Sycophancy Complaints

In response to user outcry over its overly deferential tone, OpenAI has pulled back a recent update to its ChatGPT model. CEO Sam Altman confirmed the rollback, citing concerns that the AI’s extreme sycophancy was undermining authentic, balanced interactions. More...


Microsoft’s Code Revolution: 30% Now AI-Generated

In a surprising twist for the programming world, Microsoft’s CEO revealed that up to 30% of the company’s code is generated by artificial intelligence. This bold move highlights the tech giant’s rapid adaptation to AI trends—and plenty of debugging adventures still lie ahead. More...


Apple AirPlay vulnerabilities enable zero‐click exploits across devices

Critical flaws in Apple's AirPlay protocol and SDK allow hackers to gain remote code execution without user interaction. This zero‐click vulnerability exposes smart speakers, TVs, and other connected devices to serious risk, proving that even polished ecosystems have their chinks in the armor. More...


Samsung Q1 Earnings: Chip Profit and Operating Success Exceed Forecasts

Samsung’s latest quarterly report showcased robust performance as both overall operating profits and chip segment earnings beat analysts’ forecasts. Propelled by strong demand in smartphones and PC memory, the results underscore the company’s knack for outsmarting market expectations with numbers that practically float off the page. More...




Related Tags


IT Security

Apple AirPlay vulnerabilities enable zero‐click exploits across devices (11 hours ago)

Zero‐Day Exploits in State-Sponsored Cyber Operations (12 hours ago)

Trump’s Tariffs Shake Global Trade and Domestic Policies (2 days ago)

more #infosec


Disclaimer: The information provided on this website is intended for general informational purposes only. While we strive for accuracy, we do not guarantee the completeness or reliability of the content. Users are encouraged to verify all details independently. We accept no liability for errors, omissions, or any decisions made based on this information.