Critical SAP Vulnerability CVE-2025-42957 Actively Exploited by Hackers

Urgent security alert for SAP users! A critical vulnerability (CVE-2025-42957) allows attackers to take full control of your system. Find out if your SAP S/4HANA is at risk and what steps to take now to mitigate the threat.

A critical security flaw has been found in several SAP products, including SAP S/4HANA, a system used by a wide range of global companies to manage their finances, supply chains, and other key business functions. This vulnerability, tracked as CVE-2025-42957, is considered highly dangerous because it could allow a malicious actor to take complete control of a company’s SAP system.

The Colorado-based identity and access security provider firm, Pathlock Research Lab, has confirmed that the vulnerability is already being actively exploited by hackers. Despite requiring a low-level user account for access, this flaw is easy for an attacker to use, and once inside, they can bypass security checks to ...