Hackers target businesses using SAP software: NCERT issues advisory

Critical data and operations could be at risk if prompt action is not taken to address SAP vulnerabilities
An undated image. — Shutterstock

A high-severity security advisory has been released by the National Computer Emergency Response Team (NCERT) due to a critical vulnerability in SAP S/4HANA systems, which are extensively utilised in mission-critical operations and enterprise resource planning.

The vulnerability, identified as CVE-2025-42957 with a CVSS score of 9.9, allows attackers holding only minimal credentials to inject malicious code remotely, without requiring any user interaction.

The flaw may result in ransomware, spyware, or data theft by enabling remote code execution, unauthorised access, and system compromise.

The vulnerability is already being actively exploited in the wild, according to the NCERT, and it affects a number of SAP products, including Business One, S/4HANA, and NetWeaver Application Server ABAP.

Organisations are advised to apply SAP's September 2025 security updates right away, particularly on high-priority and internet-facing instances.

For those who are unable to patch immediately, temporary steps such as limiting access to trusted networks and implementing Web Application Firewall rules can help lower the risk.

The NCERT stresses that the best defence against this threat is timely patching.

Security teams are encouraged to verify backup readiness, incorporate SAP-specific exploitation scenarios into their incident response plans, and monitor for indicators of compromise.

Critical data and operations could be at risk if prompt action is not taken.

Given the vulnerability's severity and active exploitation, organisations must prioritise patching and mitigation to avoid possible compromise and operational disruption.

Businesses can safeguard their SAP systems and defend themselves against this serious threat by acting quickly.