News

SAP has released 15 new security notes on the August 2025 Patch Tuesday, including for critical vulnerabilities.
Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color ...
SAP fixed the issue in late April 2025, but at the time, multiple security firms were already seeing attacks in the wild.
In August, SAP issues 15 new security notes on vulnerabilities in its products. Some of them pose a critical risk.
SAP flaw CVE-2025-31324 exploited to deploy Auto-Color malware at U.S. chemicals firm; Linux systems targeted.
SAP disclosed a 10/10 flaw in NetWeaver Visual Composer The bug allows threat actors to upload malware Researchers claim up to 1,200 instances are vulnerable More than 1,200 SAP instances are at ...
Another serious flaw exists in SAP NetWeaver AS Java, versions 7.10, 7.11, 7.30, 7.31, 7.40 and 7.50. Specifically the MigrationService component is affected in that it lacks authorization checks.
But SAP, in fact, has full confidence in NetWeaver and big plans for it, spokeswoman Shabana Khan said via e-mail. NetWeaver is “the foundational technology to our solutions,” she said.
What NetWeaver BPM Is and Is Not With its NetWeaver BPM announcement, SAP has introduced a “generic business process modeling environment,” Sheina says.
The US IT security authority CISA warns of attacks on a new SAP Netweaver vulnerability as well as on Chrome and Draytek routers. (Image: heise online / dmk) May 16, 2025 at 10:07 am CEST 2 min. read ...
SAP America announced today that it will integrate a component of Mercury Interactive’s LoadRunner performance optimization product into its NetWeaver platform. The LoadRunner component will ...