Pulse of Truth

1605 readers

42 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

MODERATORS

krogoth

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation (securityaffairs.com)

submitted 1 week ago by lemmydev2 to c/pulse_of_truth

2 comments fedilink hide all child comments

Experts warn of an actively exploited vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), in SAP S/4HANA software. A critical command injection vulnerability, tracked as CVE-2025-42957 (CVSS score of 9.9), in SAP S/4HANA is under active exploitation. An attacker can exploit this flaw to fully compromise SAP systems, altering databases, creating superuser accounts, and stealing password hashes. “SAP […]

top 2 comments

sorted by: hot top controversial new old

[–] blackfire@lemmy.world 1 points 1 week ago (1 children)

This sounds pretty brutal with user level access. No mitigation just patch and patch now or boom.

[–] lemmydev2 1 points 1 week ago

And on a weekend 🥳