SAP NetWeaver AS Java deserialization RCE (CVE-2025-42944)

Vulnerability
H score 25
1 unique source, 2 articles

Summary

SAP NetWeaver AS Java is affected by CVE-2025-42944, an insecure deserialization flaw that can let an unauthenticated attacker trigger arbitrary OS command execution through the RMI-P4 module. SAP said the bug is rated CVSS 10.0 and can be reached by sending a malicious payload to an open port. The issue was first addressed last month, and the latest update adds extra safeguards to reduce deserialization abuse. No evidence of in-the-wild exploitation was reported.

Related Happenings

CISA KEV remediation deadline for SolarWinds WHD CVE-2025-40551

Public Sector Action
First: 04.02.2026 07:50 Last: 04.02.2026 07:50 Sources 1

About this happening: **CISA** added **CVE-2025-40551** in **SolarWinds Web Help Desk** to the **KEV catalog** and imposed **federal remediation deadlines**, turning a newly exploited flaw into a compl...

SAP Solution Manager ST 720 code injection security flaw (CVE-2025-42880)

Vulnerability
First: 10.12.2025 00:41 Last: 10.12.2025 00:41 Sources 1

About this happening: **CVE-2025-42880** is a **code injection** flaw in **SAP Solution Manager ST 720** that could let an **authenticated attacker** gain **full control** of the system. SAP included t...

Fortra GoAnywhere MFT CVE-2025-10035 active exploitation wave

Exploitation Wave
First: 07.10.2025 11:45 Last: 07.10.2025 11:45 Sources 1

About this happening: **CVE-2025-10035** in **Fortra GoAnywhere Managed File Transfer (MFT)** is being **actively exploited** in **ransomware attacks** against systems with the **admin console exposed...

CISA KEV addition for Smartbedded Meteobridge CVE-2025-4008

Public Sector Action
First: 03.10.2025 11:23 Last: 03.10.2025 11:23 Sources 1

About this happening: CISA added **CVE-2025-4008** in **Smartbedded Meteobridge** to the **KEV catalog**, signaling **active exploitation** and requiring **FCEB agencies** to apply updates by **October...

SAP S/4HANA command injection flaw (CVE-2025-42957)

Vulnerability
First: 05.09.2025 13:59 Last: 05.09.2025 13:59 Sources 1

About this happening: **SAP S/4HANA** is facing **active exploitation** of **CVE-2025-42957**, a **critical command injection flaw** that SAP **fixed last month**. The weakness affects **on-premise and...

Latest development: 05.09.2025 16:36

SecurityBridge discovers CVE-2025-42957 in SAP S/4HANA, reports the RFC-exposed ABAP code injection flaw to SAP, and helps develop a patch for affected systems.

Timeline

  1. 15.10.2025 08:36 3 articles · 7mo ago

    SAP hardens CVE-2025-42944 in SAP NetWeaver AS Java

    Mitigation Patch Update

    SAP added extra hardening for CVE-2025-42944 in SAP NetWeaver AS Java, an unauthenticated insecure deserialization flaw with CVSS 10.0 that could let an attacker use the RMI-P4 module and a malicious payload on an open port to trigger arbitrary OS command execution. The added protection uses a JVM-wide filter (jdk.serialFilter) to block selected classes from being deserialized, and no evidence of in-the-wild exploitation was reported.