Find notable cyber news and cases, enriched with sources, timelines, and signals.

SAP NetWeaver AS Java deserialization RCE (CVE-2025-42944)

Vulnerability
First reported
Last updated
Happening score
H score 39
1 unique sources, 2 articles

Summary

Hide ▲

SAP NetWeaver AS Java has a CVE-2025-42944 insecure deserialization flaw that can let an unauthenticated attacker trigger arbitrary OS command execution through the RMI-P4 module. SAP said the bug is CVSS 10.0 and can be reached by sending a malicious payload to an open port. The issue was first addressed last month, and the latest update adds extra safeguards to reduce deserialization abuse. No evidence of in-the-wild exploitation was reported.

Related Happenings

SolarWinds Serv-U advisory and mitigations for CVE-2026-28318

Advisory/Mitigation
H score52 First: 06.06.2026 11:14 Last: 06.06.2026 11:14 Sources 1

About this happening: **SolarWinds Serv-U** mitigation guidance now covers **CVE-2026-28318**, reducing **unauthenticated DoS** risk from specially crafted POST requests. SolarWinds says the flaw is ad...

CISA KEV remediation deadline for SolarWinds WHD CVE-2025-40551

Public Sector Action
H score53 First: 04.02.2026 07:50 Last: 04.02.2026 07:50 Sources 1

About this happening: **CISA** added **CVE-2025-40551** in **SolarWinds Web Help Desk** to the **KEV catalog** and imposed **federal remediation deadlines**, turning a newly exploited flaw into a compl...

SAP Solution Manager ST 720 code injection security flaw (CVE-2025-42880)

Vulnerability
H score37 First: 10.12.2025 00:41 Last: 10.12.2025 00:41 Sources 1

About this happening: **CVE-2025-42880** is a **code injection** flaw in **SAP Solution Manager ST 720** that could let an **authenticated attacker** gain **full control** of the system. SAP included t...

Fortra GoAnywhere MFT CVE-2025-10035 active exploitation wave

Exploitation Wave
H score48 First: 07.10.2025 11:45 Last: 07.10.2025 11:45 Sources 1

About this happening: **CVE-2025-10035** in **Fortra GoAnywhere Managed File Transfer (MFT)** is being **actively exploited** in **ransomware attacks** against systems with the **admin console exposed...

CISA KEV addition for Smartbedded Meteobridge CVE-2025-4008

Public Sector Action
H score36 First: 03.10.2025 11:23 Last: 03.10.2025 11:23 Sources 1

About this happening: CISA added **CVE-2025-4008** in **Smartbedded Meteobridge** to the **KEV catalog**, signaling **active exploitation** and requiring **FCEB agencies** to apply updates by **October...

Timeline

  1. 15.10.2025 08:36 3 articles · 8mo ago

    SAP hardens CVE-2025-42944 in SAP NetWeaver AS Java

    Mitigation Patch Update

    SAP added extra hardening for CVE-2025-42944 in SAP NetWeaver AS Java, an unauthenticated insecure deserialization flaw with CVSS 10.0 that could let an attacker use the RMI-P4 module and a malicious payload on an open port to trigger arbitrary OS command execution. The added protection uses a JVM-wide filter (jdk.serialFilter) to block selected classes from being deserialized, and no evidence of in-the-wild exploitation was reported.

    Show sources