Deserialization Vulnerability in SAP NetWeaver
CVE-2025-42944
What is CVE-2025-42944?
CVE-2025-42944 is a deserialization vulnerability in the SAP NetWeaver platform, the application server used to build and integrate SAP business applications. It permits unauthorized attackers to exploit the RMI-P4 module by sending specially crafted malicious payloads to an exposed port. Because the payload is deserialized without sufficient validation, the flaw can lead to arbitrary command execution on the underlying operating system, jeopardizing the security of every SAP application hosted on the server. If successfully exploited, this vulnerability can severely compromise an organization's data confidentiality, integrity, and availability, resulting in significant operational disruptions.
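The flaw class behind this CVE is Java object deserialization of untrusted input. The following Java program is an added illustration of that class and of the standard hardening, not SAP's code and not a reproduction of the RMI-P4 protocol: a service that reads a serialized object from a byte stream (standing in for a network socket), first with no restriction on which classes the stream may instantiate, then with a JEP 290 `ObjectInputFilter` allow-list that rejects any class other than the expected message type before it is instantiated. The `PingRequest` message type, the use of `HashMap` as a stand-in for an unexpected class, and the filter limits are all constructed for the demo.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.HashMap;

public class DeserializationFilterDemo {

    /** Constructed example message type: the only class the service expects to receive. */
    public static final class PingRequest implements Serializable {
        private static final long serialVersionUID = 1L;
        final String clientId;
        PingRequest(String clientId) { this.clientId = clientId; }
    }

    /** Serialize an object into bytes, standing in for data arriving on a listening port. */
    static byte[] toBytes(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(o);
        }
        return bos.toByteArray();
    }

    /** Unsafe pattern: whatever class the stream names is resolved and instantiated. */
    static Object readUnfiltered(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return ois.readObject();
        }
    }

    /**
     * Hardened pattern (JEP 290, Java 9+): an allow-list filter. Only the listed classes
     * may be deserialized; "!*" rejects everything else, and the size limits bound the
     * work an attacker-supplied stream can cause before any class is rejected.
     * The filter pattern is an assumption for this demo, not a recommended production list.
     */
    static Object readFiltered(byte[] data) throws IOException, ClassNotFoundException {
        ObjectInputFilter filter = ObjectInputFilter.Config.createFilter(
            "DeserializationFilterDemo$PingRequest;java.lang.String;!*;"
            + "maxdepth=5;maxrefs=100;maxbytes=4096");
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(data))) {
            ois.setObjectInputFilter(filter);
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] expected = toBytes(new PingRequest("client-42"));
        // Constructed stand-in for a stream naming a class the service never expected.
        byte[] unexpected = toBytes(new HashMap<String, String>());

        System.out.println("unfiltered, expected class  : "
            + readUnfiltered(expected).getClass().getName());
        System.out.println("unfiltered, unexpected class: "
            + readUnfiltered(unexpected).getClass().getName());

        System.out.println("filtered, expected class    : "
            + readFiltered(expected).getClass().getName());
        try {
            readFiltered(unexpected);
            System.out.println("filtered, unexpected class  : accepted (should not happen)");
        } catch (InvalidClassException e) {
            System.out.println("filtered, unexpected class  : rejected (" + e.getMessage() + ")");
        }
    }
}
```

The unfiltered reader instantiates `HashMap` just as readily as `PingRequest`, which is the property a deserialization vulnerability relies on: the stream, not the application, decides which classes are loaded. The filtered reader rejects the unexpected class with an `InvalidClassException` before any of its deserialization logic runs. For a product such as NetWeaver the corresponding defence is the vendor patch; for an operator, not exposing the P4 port beyond the hosts that need it removes the precondition the advisory describes.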
Potential impact of CVE-2025-42944
- Unauthorized Command Execution: The vulnerability allows attackers to execute arbitrary commands on the operating system, which can lead to the installation of malicious software, data manipulation, or further network intrusions.
- Data Breaches: Exploiting this vulnerability could lead to unauthorized access to sensitive data, resulting in potential data breaches that would violate compliance standards and damage an organization's reputation.
- Operational Disruption: The arbitrary code execution enabled by this vulnerability could severely disrupt business operations, leading to downtime and loss of productivity, as well as incurring costs related to incident response and recovery efforts.
Affected Version(s)
SAP Netweaver (RMI-P4) SERVERCORE 7.50
News Articles

SAP Patches Critical NetWeaver (CVSS Up to 10.0) and Previously Exploited S/4HANA Flaws
SAP patches critical NetWeaver and S/4HANA flaws (CVSS 8.1–10.0), preventing code execution, file upload, and data loss.