SAP Urgently Issues Patch for 9.9 CVE-2025-42887 Flaw – Act Now!

URGENT UPDATE: SAP has just released a critical emergency patch for the highly severe vulnerability, rated 9.9 out of 10, known as CVE-2025-42887. Discovered by the SecurityBridge Threat Research Labs, this flaw poses an immediate risk, allowing cyber attackers to gain complete control over SAP systems and sensitive business data.

The vulnerability impacts SAP Solution Manager, a key component used by companies worldwide to manage their SAP environments. With SAP software serving as the backbone for countless businesses, the implications of this vulnerability are alarming, underscoring the pressing need for organizations to act swiftly.

According to Joris van de Vis, Director of Security Research at SecurityBridge, the issue is a code injection vulnerability. Attackers can exploit a remote feature to inject malicious code into the system, leading to total compromise. Van de Vis highlighted the severity of the threat in a blog post, stating, “This flaw is particularly dangerous because it allows the injection of code from a low-privileged user, which leads to a full SAP compromise and all data contained in the SAP system.”

As part of the November Patch Day on November 11, 2025, SAP issued this urgent fix among a total of 25 new and updated SAP Security Notes. The release also included other critical updates, such as a 10.0/10 rated flaw in the SQL Anywhere Monitor tool that involves hardcoded login details.

Organizations are strongly urged to install the patch for CVE-2025-42887 immediately. The public disclosure of the patch may give cybercriminals the knowledge needed to replicate the attack, accelerating the development of potential exploits.

In addition to the high-priority updates, SAP also released two patches for medium and low-priority vulnerabilities. Notably, four fixes were made for the SAP Business Connector, a tool familiar to many integration specialists.

SecurityBridge provided advance warning about these vulnerabilities to its customers on October 30, 2025, prior to the public announcement, emphasizing the necessity of enhanced security measures.

With this urgent situation developing, companies using SAP systems must prioritize patching to safeguard themselves against potential attacks. The stakes are high, and the time to act is NOW.