PT-2025-36562 · SAP · SAP NetWeaver

Published 2025-09-09 · Updated 2025-10-16 · CVE-2025-42944

CVSS v3.1: 10.0
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver versions 5.3 through 10.0

Description: The issue is an insecure deserialization flaw in the RMI-P4 module of SAP NetWeaver. An unauthenticated attacker can submit malicious payloads to an open port, leading to arbitrary operating system command execution. The root cause is the deserialization of untrusted Java objects. It is estimated that over 515,000 systems are potentially exposed. The vulnerability has a CVSS score of 10.0, indicating critical severity. No specific API endpoint is identified; the attack vector is the submission of payloads to an open port. Because the flaw lies in the deserialization process, functions related to object handling are potentially affected. The vulnerable component is the RMI-P4 module.

Recommendations: Apply SAP Note 3634501 to all affected versions. Restrict access to, or close, the RMI-P4 module to minimize the risk of exploitation. Segment networks to limit the potential impact of a successful attack.

Fix

RCE

Weakness Enumeration: Deserialization of Untrusted Data

Related Identifiers: BDU:2025-10908, CVE-2025-42944

Affected Products: SAP NetWeaver