Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

SAP security patch release for CVE-2025-42957

Security Patch Release
First reported
Last updated
Happening score
H score 50
1 unique sources, 1 articles

Summary

Hide ▲

SAP's August 2025 security updates added a patch for CVE-2025-42957, closing a critical code injection flaw in S/4HANA that affects private cloud and on-premise instances. The update matters because the flaw was already being exploited in the wild, raising the risk for unpatched systems. Administrators need to deploy the fix quickly and verify exposure to the vulnerable S/4HANA module.

Related Happenings

Progress security patch release for CVE-2026-2699

Security Patch Release
First: 02.04.2026 16:33 Last: 02.04.2026 16:33 Sources 1

About this happening: **Progress** released **ShareFile 5.12.4** on **March 10** to fix **CVE-2026-2699** and **CVE-2026-2701** in the **Storage Zones Controller (SZC)** for **branch 5.x**. The update...

Open Happening

Oracle security patch release for CVE-2026-21992

Security Patch Release
First: 21.03.2026 12:24 Last: 21.03.2026 12:24 Sources 1

About this happening: **Oracle** released **security updates** for **CVE-2026-21992**, a critical flaw in **Identity Manager** and **Web Services Manager** that could enable **unauthenticated remote co...

Open Happening

SAP security patch release for CVE-2019-17571

Security Patch Release
First: 11.03.2026 14:26 Last: 11.03.2026 14:26 Sources 1

About this happening: **SAP** released security updates for **two critical flaws** in **FS-QUO** and **NetWeaver Enterprise Portal Administration**, reducing the risk of **arbitrary code execution** on...

Open Happening

SolarWinds security patch release for CVE-2025-40538

Security Patch Release
First: 25.02.2026 09:04 Last: 25.02.2026 09:04 Sources 1

About this happening: **SolarWinds** released **Serv-U** updates that fix **four critical flaws** in **version 15.5**, reducing the risk of **remote code execution**. The patched issues are tracked as...

Open Happening

Trend Micro security patch release for CVE-2025-69258

Security Patch Release
First: 09.01.2026 12:01 Last: 09.01.2026 12:01 Sources 1

About this happening: **Trend Micro** released **security updates** for **Apex Central for Windows** to fix **CVE-2025-69258**, a **9.8 CVSS** remote-code-execution flaw that could let an unauthenticat...

Open Happening

Timeline

  1. 05.09.2025 23:11 2 articles · 8mo ago

    SecurityBridge verifies active exploitation of CVE-2025-42957 in SAP S/4HANA

    Initial Disclosure

    SecurityBridge said it discovered an exploit for CVE-2025-42957 and confirmed actual abuse in SAP S/4HANA, while Pathlock detected outlier activity consistent with exploitation attempts. The flaw affects private cloud and on-premise instances, carries a 9.9 CVSS score, and SAP customers were urged to apply SAP's August 2025 security updates and restrict RFC usage with SAP's Unified Connectivity framework (UCON).

    Show sources
    Open in new tab