SAP Releases Security Updates to Combat Active Attacks

SAP has announced massive security updates, addressing several critical vulnerabilities across its enterprise software portfolio. The most urgent fixes target two zero-day flaws in SAP NetWeaver Visual Composer, which attackers have already exploited.

The vulnerabilities, identified as CVE-2025-31324 and CVE-2025-42999, allow unauthenticated attackers to remotely upload and execute malicious files on vulnerable SAP servers. Security experts warn that these flaws could lead to full system compromise, data theft, and service disruption if left unpatched.

On May 13th, Patch Day, the company released 18 new security notes. These include patches for SAP’s key products, such as S/4HANA, Business Objects, and Live Auction Cockpit. The company rates some of these vulnerabilities as “Critical,” which indicates the highest level of security. 

“Organizations running affected SAP products should prioritize these updates immediately,” SAP said in its advisory. “We have observed active exploitation attempts targeting these vulnerabilities in the wild.”

Furthermore, for customers who are still using the unsupported versions of SAP NetWeaver Java, SAP has provided workaround recommendations to help mitigate risk until systems can be upgraded or replaced.

That’s it for now! But all SAP customers are urged to review the official security notes and apply all relevant patches as soon as possible to protect against potential cyberattacks. Besides, given the growing number of cyber threats, it’s a good idea to keep an eye out for all the latest security updates that companies release from time to time. Sometimes, not upgrading with the latest patch can lead to a severe threat to the organization.