PT-2025-20587 · Undefined · Undefined
Published
2025-05-09
·
Updated
2025-05-09
·
CVE-2024-37009
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
CVE-2024-37009 is a critical RCE flaw in SAP NetWeaver AS Java, now being exploited by a Chinese threat group.
The vulnerability allows unauthenticated attackers to fully compromise systems via the LM Configuration Wizard.
SAP has issued a patch. Update immediately.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Undefined