• SAP patches critical S/4HANA flaw which allowed full system takeover
• Attackers can inject ABAP code and bypass authorization using RFC
• Some systems remain unpatched, and confirmed abuse has already occurred

S/4HANA, SAP’s Enterprise Resource Planning (ERP) software[1] suite, was carrying a critical vulnerability which allowed threat actors to fully take over vulnerable endpoints.

The company has now released a patch after security researchers warned about “limited” abuse in the wild.

Researchers from SecurityBridge discovered and reported an "improper control of generation of code" issue that could lead to code injection. An attacker with user privileges could exploit it via RFC, injecting arbitrary ABAP code and thereby bypassing essential authorization checks.

Reverse engineering

According to the NVD, this vulnerability “effectively functions as a backdoor[2]”, potentially leading to “full system compromise”.

It is now tracked as CVE-2025-42957, and was given a severity score of 9.9/10 (critical). It was spotted on June 27, 2025 and fixed on August 11.

But SecurityBridge says that not all users were quick to deploy the patch, making them an active target for threat actors.

“While widespread exploitation has not yet been reported, SecurityBridge has verified actual abuse of this vulnerability,” the researchers said. “That means attackers already know how to use it – leaving unpatched SAP systems exposed.”

“Additionally, reverse engineering the patch to create an exploit is relatively easy for SAP ABAP, since the ABAP code is open to see for everyone.”

SecurityBridge stressed threat actors could abuse this flaw to steal sensitive files, manipulate data, deploy malware, escalate privileges, steal login credentials, and possibly even drop ransomware. We don’t know which groups are currently abusing this flaw, how, or against whom.

SAP said vulnerable instances include multiple versions of S/4HANA (private cloud and on-prem), Landscape Transformation, Business One, and NetWeaver Application Server ABAP. A detailed list can be found here[3]. A more detailed bulletin was also published, but it is only available to SAP customers with an active account.

Via BleepingComputer[4]

References

  1. Enterprise Resource Planning (ERP) software (www.techradar.com)
  2. backdoor (www.techradar.com)
  3. here (support.sap.com)
  4. BleepingComputer (www.bleepingcomputer.com)

By admin