SAP
-
Blog
Over 1,200 SAP NetWeaver servers vulnerable to actively exploited flaw
Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers. SAP NetWeaver is an application server and development platform that runs and connects SAP and non-SAP applications across different technologies. Last week, SAP disclosed an unauthenticated file upload vulnerability, tracked as CVE-2025-31324, in SAP NetWeaver Visual Composer,…
Read More » -
Blog
SAP fixes suspected Netweaver zero-day exploited in attacks
SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under CVE-2025-31324 and rated critical (CVSS v3 score: 10.0), is an unauthenticated file upload vulnerability in SAP NetWeaver Visual Composer, specifically the Metadata Uploader component. It allows attackers to upload malicious executable files without needing…
Read More » -
Blog
SAP rolls out ‘Joule for Developers’ AI coding assistant
SAP has announced ‘Joule for Developers’, its new an AI coding tool for programmers and developers aimed at driving staff efficiencies and freeing up time for tasks that AI cannot complete. The capabilities will be available in the SAP Business Suite, more specifically SAP Build Process Automation and SAP Buil Apps. Joule for Developers will bolster previously announced capabilities in…
Read More » -
Blog
SAP fixes critical vulnerabilities in NetWeaver application servers
SAP has fixed two critical vulnerabilities affecting NetWeaver web application server that could be exploited to escalate privileges and access restricted information. As part of the January Security Patch Day, the vendor also released updates for other products to patch 12 additional issues rated with medium and high severity. “SAP strongly recommends that the customer visits the Support Portal and applies…
Read More » -
Blog
SAP launches sovereign cloud service for UK customers
SAP has announced new sovereign cloud capabilities in the UK, meaning customers will now be able to process data entirely within the borders of the country. The offering is now fully operational and available to customers, SAP said in a statement, and is designed to meet the highest standards of data residency, security, and compliance within the UK. It’s targeted…
Read More » -
Blog
UiPath and SAP team up to streamline cloud migrations
UiPath and SAP have unveiled a new integration designed to help SAP customers boost their automation capabilities and streamline cloud migrations. Slated for release this month, the enterprise automation specialist’s UiPath Platform is being integrated with SAP Build Process Automation and delivered as a new SAP Solution Extension. The offering has been designed to facilitate the automation of business processes…
Read More » -
Blog
SAP CRM Review (2024): Pricing, Features, and More
SAP CRM’s fast facts Starting price: No upfront pricing for SAP Sales Cloud. Key features: Guided selling. Dynamic sales journeys. Logistics optimization. Omnichannel engagement. Task surveys. SAP Customer Relationship Management (CRM) and Customer Experience (CX) products are key components of SAP Business Suite and work to deliver engaging e-commerce experiences through automated campaigns and built-out sales processes. SAP offers both…
Read More » -
Blog
Critical SAP flaw allows remote attackers to bypass authentication
SAP has released its security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass that could allow remote attackers to fully compromise the system. The flaw, tracked as CVE-2024-41730 and rated 9.8 as per the CVSS v3.1 system, is a “missing authentication check” bug impacting SAP BusinessObjects Business Intelligence Platform versions 430 and 440 and is…
Read More »