SAP NetWeaver is the application server and runtime environment that underpins most SAP software products as well as custom business applications built by customers.

Attackers can attack SAP NetWeaver products and Business Objects, among others. Security updates are available for download.

SAP released 27 new and four updated security notes for its July 2025 Security Patch Day, addressing multiple critical vulnerabilities.

The exploits targeted common misconfigurations in SAP Gateway and SAP Message Server and put an estimated 90% of SAP applications at over 50,000 organizations worldwide at risk of complete compromise.

Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers.

SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in April Fortune 500 companies are apparently at risk SAP has patched a ...

In IT, few names are more significant than SAP and AWS. Countless organizations rely on SAP's Enterprise Resource Planning (ERP) systems for running their mission-critical systems, while AWS holds an ...

New offering designed to move SAP S/4HANA workloads from IBM Power Systems on-premises to cloud within 90 days . IBM realized 30% reduction in infrastructure costs and related operations over 18 ...