TechRadar

SAP fixes serious security issues - here's how to stay safe

CVE-2025-42887 in SAP Solution Manager allows unauthenticated code injection and full system takeover Vulnerability scored 9.9/10; patch released in SAP’s November 2025 update SAP also fixed ...
Bleeping Computer

SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor

SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor and a critical code ...
shine.com

Top 25 SAP Basis Interview Questions & Answers

SAP basis acts as an operating structure or a stage for SAP applications to run. It supports the complete range of SAP applications. 2. Explain private mode? In private mode, the heap data is wholly ...
Bleeping Computer

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. SAP NetWeaver is the foundation for SAP's business ...
Infosecurity-magazine.com

Public Exploit Released for Critical SAP NetWeaver Flaw

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...
heise online

SAP Patchday: Critical vulnerabilities allow malicious code to be injected

In August, SAP issues 15 new security notes on vulnerabilities in its products. Some of them pose a critical risk. SAP's August Patchday brings 15 new security notes that address, among other things, ...
heise online

SAP Patchday: NetWeaver products are vulnerable to malware attacks

On Patchday in July, SAP developers closed a total of five "critical" security vulnerabilities. In the worst case scenario, malicious code can compromise systems. So far, there are no indications that ...
SiliconANGLE

Researchers uncover weak encryption in SAP user interface for Windows and Java

SAP SE today addressed two newly disclosed vulnerabilities in its SAP Graphical User Interface client applications following their discovery in coordinated research by Pathlock Inc. and Fortinet Inc.
CSOonline

SAP GUI flaws expose sensitive data via weak or no encryption

Newly disclosed vulnerabilities in SAP GUI for Windows and Java store user data with outdated or no encryption, posing compliance and breach risks for enterprises. SAP GUI, a trusted interface for ...
Infosecurity-magazine.com

SAP GUI Input History Found Vulnerable to Weak Encryption

Two vulnerabilities in SAP’s Graphical User Interface (SAP GUI) input history feature have been disclosed, revealing weaknesses in how sensitive user data is stored locally. The issues, discovered by ...
Dark Reading

XOR Marks the Flaw in SAP GUI

SAP has patched a couple of vulnerabilities in its graphical user interface (SAP GUI) input history feature that give attackers a way to potentially access sensitive data stored locally on user ...
The Hacker News

Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure

Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to ...