SAP released an out-of-band emergency update to address a remote code execution zero-day vulnerability impacting NetWeaver. Tracked as CVE-2025-31324, the vulnerability has a critical severity rating with a CVSS score of 10. Threat actors are exploiting the vulnerability to hijack servers. CISA added CVE-2025-31324 to its Known Exploited Vulnerabilities Catalog, urging users to patch it … Continue reading “SAP NetWeaver Zero-day Remote Code Execution Vulnerability (CVE-2025-31324)”
Tag: SAP NetWeaver
SAP NetWeaver Multiple Security Vulnerabilities (CVE-2020-6287, CVE-2020-6286)
SAP issued a new security advisory on July 13 in their SAP Security Patch Day – July 2020 addressing ten security vulnerabilities in multiple SAP products. Among these multiple vulnerabilities, CVE-2020-6287 is a critical vulnerability with a CVSSv3 base score 10/10. Rest other vulnerabilities are of High and Medium severity. Description: SAP identified several vulnerabilities … Continue reading “SAP NetWeaver Multiple Security Vulnerabilities (CVE-2020-6287, CVE-2020-6286)”