Aktuelles, Branche - Sonntag, April 27, 2025 6:12 - noch keine Kommentare

SAP NetWeaver: New vulnerability of highest criticality disclosed

Onapsis warns of possible exploitation of the vulnerability

[datensicherheit.de, 04/27/2025] According to a recent report by Onapsis, several security incidents in connection with “SAP NetWeaver” became known in April 2025: According to the report, cyber attackers allegedly exploited “JSP webshells” to perform unauthorized file uploads and execute arbitrary code. The vulnerability affects the “SAP Visual Composer” component of “SAP Java” systems and allows unauthenticated threat actors to upload arbitrary files, including remote webshells, to SAP weiterlesen…