SAP S/4HANA code-injection (CVE-2025-42957) now under active exploitation
Scope: SAP S/4HANA
Severity: Red
A critical code-injection flaw in S/4HANA is being exploited in the wild to breach exposed servers. Apply SAP’s August 11 security note and restrict external exposure.
The Uganda National CERT and Coordination Center (CERT.UG/CC) encourages users and administrators to review the recommendations and apply the necessary updates.