A high-severity command injection vulnerability, tracked as CVE-2025-42957, has been disclosed in SAP S/4HANA, causing a ripple of concern among the cybersecurity community. This vulnerability has a CVSS score of 9.9, putting it at an incredibly high risk. Organizations that have not deployed the latest security patches from SAP remain at a significant risk. Just last week, Pathlock flagged suspicious behavior showing exploitation attempts for this highly critical vulnerability to exploit.
The CVE-2025-42957 vulnerability makes it possible to inject arbitrary ABAP code into SAP systems, thereby easily bypassing critical authorization checks. This valuable capability comes with the risk of unauthorized access and manipulation of sensitive data. Organizations need to address this issue right now to safeguard their data.
Exploitation Attempts Detected
Pathlock, which focuses on protecting enterprise applications from cybersecurity threats, announced recently that they had found attempts to exploit CVE-2025-42957. From the standpoint of risk, the firm stressed that any enterprise not already implemented SAP’s August 2025 accessibility safety notes won’t be protected. Security analysts are calling on companies to do something before hackers find a way to use this vulnerability against them.
“Any organization that has not yet applied SAP’s August 2025 security notes is at risk.” – Pathlock
Our organizations are doing everything they can to protect their systems. They need to be watchful against an increasing risk from attacks that take advantage of this weakness. To those who have not yet been alarmed by the need to modernize their systems, Pathlock’s detection of outlier activities should be considered an early warning call.
SAP’s Response to the Vulnerability
After the discovery of CVE-2025-42957, SAP quickly released security updates, and included them in their monthly patching last month. These updates go directly to the heart of the vulnerability and offer hard and fast fixes to secure compromised systems. Consequently, organizations should update these enhancements as a top priority to help protect their SAP S/4HANA environments from being exploited.
As of this writing, the NIST National Vulnerability Database has recorded the specifics of CVE-2025-42957. This time you’ll get high level insights into the nature and implications of the flaw. As one of the 14 critical infrastructure sectors, the database highlights this vulnerability’s criticality in its findings.
“This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks.” – NIST National Vulnerability Database (NVD)
NIST advises enterprises to adopt SAP UCON to minimize the usage of Remote Function Call (RFC). In addition, they should audit access to authorization object S_DMIS activity 02 for additional safeguarding.
Importance of Timely Updates
The serious impact of CVE-2025-42957 reminds us of the role of timely software updates in our collective cybersecurity. As cyber threats become increasingly sophisticated, organizations must prioritize their security protocols and ensure they are using the latest versions of software.
In short, ignoring the security implementation guidelines released in August 2025 would leave entities open to grave dangers and potential violations. The business case This scenario highlights the importance of businesses to be informed about vulnerabilities in their systems and software. They have a responsibility to act deliberately to reduce these risks.