The Hacker News

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The ...
Ars Technica

SAP warns of high-severity vulnerabilities in multiple products

As hackers exploit a high-severity vulnerability in SAP’s flagship Enterprise Resource Planning software product, the software maker is warning users of more than two dozen newly detected ...
CSOonline

Patch Tuesday priorities: Vulnerabilities in SAP NetWeaver and Microsoft NTLM and Hyper-V

NetWeaver AS Java hole, rated severity 10, allows an unauthenticated attacker to execute arbitrary OS commands, and NTLM bug is rated likely for exploitation, warn security vendors. CISOs with SAP ...
Network World

SAP data sovereignty service lets customers run cloud workloads inside their data centers

SAP customers will be able to achieve a new level of data sovereignty and independence by running workloads entirely within their own datacenters, the German ERP giant has promised. SAP Sovereign ...
Infosecurity-magazine.com

Public Exploit Released for Critical SAP NetWeaver Flaw

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...
aha.org

H-ISAC TLP White Threat Bulletin: Publicly Available Exploit Code Chains Critical SAP NetWeaver Flaws

On August 15, 2025, exploit code was released that chains two critical vulnerabilities in SAP NetWeaver’s Visual Composer to bypass authentication and achieve remote code execution. The flaws, tracked ...
IEEE

THe Design Of Web Dynpro Java Based Warehouse Management System

Abstract: With the continuous development of information technology, warehouse management information system is advancing more and more professionally when an increasing number of enterprises increase ...
Infosecurity-magazine.com

SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers

Cybersecurity researchers are piling up evidence that a critical vulnerability affecting German software company SAP’s NetWeaver Visual Composer development server is being exploited in the wild by a ...
Bleeping Computer

Chinese hackers behind attacks targeting SAP NetWeaver servers

Forescout Vedere Labs security researchers have linked ongoing attacks targeting a maximum severity vulnerability impacting SAP NetWeaver instances to a Chinese threat actor. Successful exploitation ...
Bleeping Computer

Over 1,200 SAP NetWeaver servers vulnerable to actively exploited flaw

Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers. SAP ...
Dark Reading

SAP NetWeaver Visual Composer Flaw Under Active Exploitation

Attackers are actively exploiting a recently patched zero-day vulnerability in SAP's NetWeaver Visual Composer Web-based software modeling tool. CVE-2025-31324 is a critical vulnerability with a ...