Summary: SAP has released a total of 21 new and 3 updated security notes as part of its March 2025 security patch day, addressing critical vulnerabilities in several of its products. Among these, five high-priority notes were highlighted, including serious issues related to Commerce and NetWeaver. The vulnerabilities range from cross-site scripting to authorization checks, necessitating immediate attention from affected organizations.
Affected: SAP Enterprise Software
Keypoints :
- Five high-priority security notes released, addressing vulnerabilities in Commerce, NetWeaver, and Commerce Cloud.
- CVE-2025-27434 and CVE-2025-26661 have a CVSS score of 8.8, indicating severe security risks.
- Patches also provided for medium and low-priority issues across various SAP applications, including Business One and NetWeaver.
Source: https://www.securityweek.com/sap-patches-high-severity-vulnerabilities-in-commerce-netweaver/
Views: 24