
=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN593
_____________________________________________________________________

DATE                : 09/09/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running SAP products.

=====================================================================
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2025.html
_____________________________________________________________________

SAP Security Patch Day - September 2025

This post shares the information on Security Notes that remediate
vulnerabilities discovered in SAP products. SAP strongly recommends
that customers visit the Support Portal and apply the patches as a
priority to protect their SAP landscape.

On 9th of September 2025, SAP Security Patch Day saw the release of
21 new Security Notes. Further, there were 4 updates to previously
released Security Notes.

Note# / Title / Priority / CVSS
(each entry below lists, on successive lines: note number, title with
CVE identifier(s), product, affected component versions, priority,
CVSS score)

3634501
[CVE-2025-42944] Insecure Deserialization vulnerability in SAP
Netweaver (RMI-P4)
Product - SAP Netweaver (RMI-P4)
Version - SERVERCORE 7.50
Critical
10.0

3643865
[CVE-2025-42922] Insecure File Operations vulnerability in SAP
NetWeaver AS Java (Deploy Web Service)
Product - SAP NetWeaver AS Java (Deploy Web Service)
Version - J2EE-APPS 7.50
Critical
9.9

3302162
Update to Security Note released on March 2023 Patch Day:
[CVE-2023-27500] Directory Traversal vulnerability in SAP
NetWeaver AS for ABAP and ABAP Platform
Product - SAP NetWeaver AS for ABAP and ABAP Platform
Version - 700, 701, 702, 731, 740, 750, 751, 752, 753,
754, 755, 756, 757
Critical
9.6

3627373
[CVE-2025-42958] Missing Authentication check in SAP
NetWeaver
Product - SAP NetWeaver
Version - KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT,
7.53, KERNEL 7.22, 7.53, 7.54
Critical
9.1

3642961
[CVE-2025-42933] Insecure Storage of Sensitive Information in
SAP Business One (SLD)
Product - SAP Business One (SLD)
Version - B1_ON_HANA 10.0, SAP-M-BO 10.0
High
8.8

3633002
[CVE-2025-42929] Missing input validation vulnerability in SAP
Landscape Transformation Replication Server
Product - SAP Landscape Transformation Replication Server
Version - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710,
2011_1_730, 2011_1_731, 2011_1_752, 2020
High
8.1

3635475
[CVE-2025-42916] Missing input validation vulnerability in SAP
S/4HANA (Private Cloud or On-Premise)
Product - SAP S/4HANA (Private Cloud or On-Premise)
Version - S4CORE 102, 103, 104, 105, 106, 107, 108
High
8.1

3581811
Update to Security Note released on April 2025 Patch Day:
[CVE-2025-27428] Directory Traversal vulnerability in SAP
NetWeaver and ABAP Platform (Service Data Collection)
Product - SAP NetWeaver and ABAP Platform (Service Data
Collection)
Version - ST-PI 2008_1_700, 2008_1_710, 740
High
7.7

3620264
[CVE-2025-22228] Security Misconfiguration vulnerability in Spring
security within SAP Commerce Cloud and SAP Datahub
Product - SAP Commerce Cloud and SAP Datahub
Version - HY_COM 2205, HY_DHUB 2205, COM_CLOUD 2211, DHUB_CLOUD 2211
Medium
6.6

3614067
[CVE-2025-42930] Denial of Service (DoS) vulnerability in SAP Business
Planning and Consolidation
Product - SAP Business Planning and Consolidation
Version - BPC4HANA 200, 300, SAP_BW 750, 751, 752, 753, 754, 755, 756,
757, 758, 816, 914, CPMBPC 810
Medium
6.5

3635587
[CVE-2025-42912] Missing Authorization check in SAP HCM (My Timesheet
Fiori 2.0 application)
Additional CVEs - CVE-2025-42913, CVE-2025-42914
Product - SAP HCM (My Timesheet Fiori 2.0 application)
Version - GBX01HR5 605
Medium
6.5

3643832
[CVE-2025-42917] Missing Authorization check in SAP HCM
(Approve Timesheets Fiori 2.0 application)
Product - SAP HCM (Approve Timesheets Fiori 2.0 application)
Version - GBX01HR5 605
Medium
6.5

3611420
[CVE-2023-5072] Denial of Service (DoS) vulnerability due to
outdated JSON library used in SAP BusinessObjects Business
Intelligence Platform
Product - SAP BusinessObjects Business Intelligence Platform
Version - ENTERPRISE 430, 2025, 2027
Medium
6.5

3647098
[CVE-2025-42920] Cross-Site Scripting (XSS) vulnerability in
SAP Supplier Relationship Management
Product - SAP Supplier Relationship Management
Version - SRM_SERVER 700, 701, 702, 713, 714
Medium
6.1

3629325
[CVE-2025-42938] Cross-Site Scripting (XSS) vulnerability in
SAP NetWeaver ABAP Platform
Product - SAP NetWeaver ABAP Platform
Version - S4CRM 100, 200, 204, 205, 206, S4CEXT 109, BBPCRM
713, 714
Medium
6.1

3409013
[CVE-2025-42915] Missing Authorization Check in Fiori app
(Manage Payment Blocks)
Product - Fiori app (Manage Payment Blocks)
Version - S4CORE 107, 108
Medium
5.4

3619465
[CVE-2025-42926] Missing Authentication check in SAP NetWeaver
Application Server Java
Product - SAP NetWeaver Application Server Java
Version - WD-RUNTIME 7.50
Medium
5.3

3627644
[CVE-2025-42911] Missing Authorization check in SAP
NetWeaver (Service Data Download)
Product - SAP NetWeaver (Service Data Download)
Version - SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731,
SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS
753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757,
SAP_BASIS 758, SAP_BASIS 816
Medium
5.0

3610322
Update to Security Note released on July 2025 Patch Day:
[CVE-2025-42961] Missing Authorization check in SAP
NetWeaver Application Server for ABAP
Product - SAP NetWeaver Application Server for ABAP
Version - SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702,
SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751,
SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755,
SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 816
Medium
4.9

3640477
[CVE-2025-42925] Predictable Object Identifier vulnerability
in SAP NetWeaver AS Java (IIOP Service)
Product - SAP NetWeaver AS Java (IIOP Service)
Version - SERVERCORE 7.50
Medium
4.3

3450692
[CVE-2025-42923] Cross-Site Request Forgery (CSRF) vulnerability
in SAP Fiori App (F4044 Manage Work Center Groups)
Product - SAP Fiori App (F4044 Manage Work Center Groups)
Version - UIS4HOP1 600, 700, 800, 900
Medium
4.3

3623504
[CVE-2025-42918] Missing Authorization check in SAP NetWeaver
Application Server for ABAP (Background Processing)
Product - SAP NetWeaver Application Server for ABAP (Background
Processing)
Version - SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS
731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752,
SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756,
SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 816
Medium
4.3

3624943
Update to Security Note released on August 2025 Patch Day:
[CVE-2025-42941] Reverse Tabnabbing vulnerability in SAP
Fiori (Launchpad)
Product - SAP Fiori (Launchpad)
Version - SAP_UI 754
Low
3.5

3525295
[CVE-2025-42927] Information Disclosure due to Outdated OpenSSL
Version in SAP NetWeaver AS Java (Adobe Document Service)
Product - SAP NetWeaver AS Java (Adobe Document Service)
Version - ADSSAP 7.50
Low
3.4

3632154
[CVE-2024-13009] Potential Improper Resource Release vulnerability
in SAP Commerce Cloud
Product - SAP Commerce Cloud
Version - HY_COM 2205, COM_CLOUD 2211
Low
3.1
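The list above is only useful once it is matched against what is actually installed, and the "Version" lines mix explicit component/release pairs with bare releases that inherit the component named before them (for example "KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, ..."). The following script is an added example, not code from SAP or CERT-Renater: it parses entries in the exact layout used above (ADVISORY is a verbatim subset of this month's list) and reports which notes name a release present in a landscape inventory. INSTALLED is a constructed component-to-release mapping standing in for what an administrator would read off a system's component list; it is not a real system.

```python
# Added example (not SAP's or CERT-Renater's code): parse Security Patch Day
# entries in the layout used above and flag those touching installed components.
# ADVISORY is a verbatim subset of the list above; INSTALLED is a constructed
# inventory (component -> release), not a real system.
import re
from dataclasses import dataclass
ADVISORY = """\
3634501
[CVE-2025-42944] Insecure Deserialization vulnerability in SAP
Netweaver (RMI-P4)
Product - SAP Netweaver (RMI-P4)
Version - SERVERCORE 7.50
Critical
10.0

3627373
[CVE-2025-42958] Missing Authentication check in SAP
NetWeaver
Product - SAP NetWeaver
Version - KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT,
7.53, KERNEL 7.22, 7.53, 7.54
Critical
9.1

3623504
[CVE-2025-42918] Missing Authorization check in SAP NetWeaver
Application Server for ABAP (Background Processing)
Product - SAP NetWeaver Application Server for ABAP (Background
Processing)
Version - SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS
731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752,
SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756,
SAP_BASIS 757, SAP_BASIS 758, SAP_BASIS 816
Medium
4.3
"""
# Constructed inventory. KRNL64UC 7.40 is deliberately a release the kernel
# note does not list, so it must not match.
INSTALLED = {"SAP_BASIS": "757", "SERVERCORE": "7.50",
             "KERNEL": "7.53", "KRNL64UC": "7.40"}
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")
PRIORITIES = {"Critical", "High", "Medium", "Low"}

@dataclass
class Note:
    number: str
    cves: list       # every CVE named in the entry, incl. "Additional CVEs" lines
    title: str
    priority: str
    cvss: float
    affected: set    # {(component, release), ...}

def parse_versions(text):
    """Expand 'KRNL64NUC 7.22, 7.22EXT, KERNEL 7.53' into (component, release)
    pairs; a bare release inherits the component named before it."""
    pairs, component = set(), None
    for token in text.split(","):
        parts = token.split()
        if len(parts) == 2:
            component, release = parts
        elif len(parts) == 1 and component:
            release = parts[0]
        else:
            raise ValueError(f"unparseable version token: {token!r}")
        pairs.add((component, release))
    return pairs

def parse_notes(text):
    """One Note per blank-line-separated entry (number, title, Product,
    Version, priority, CVSS), tolerating lines wrapped mid-field."""
    notes = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = [l.strip() for l in block.splitlines() if l.strip()]
        number, priority, cvss = lines[0], lines[-2], float(lines[-1])
        if priority not in PRIORITIES:
            raise ValueError(f"note {number}: unexpected priority {priority!r}")
        body = lines[1:-2]
        p_idx = next(i for i, l in enumerate(body) if l.startswith("Product"))
        v_idx = next(i for i, l in enumerate(body) if l.startswith("Version"))
        title = " ".join(body[:p_idx])
        versions = re.sub(r"^Version\s*[-–]\s*", "", " ".join(body[v_idx:]))
        notes.append(Note(number, sorted(set(CVE_RE.findall(title))), title,
                          priority, cvss, parse_versions(versions)))
    return notes

def applicable_notes(notes, installed):
    """(note, matched pairs) for notes listing an installed release, highest
    CVSS first. Release-level triage only: whether a given support package or
    kernel patch level already carries the fix is stated in the note itself."""
    hits = []
    for note in notes:
        matched = {(c, r) for c, r in note.affected if installed.get(c) == r}
        if matched:
            hits.append((note, matched))
    hits.sort(key=lambda h: (-h[0].cvss, h[0].number))
    return hits

if __name__ == "__main__":
    for note, matched in applicable_notes(parse_notes(ADVISORY), INSTALLED):
        print(f"{note.number} {note.priority:8} {note.cvss:4} "
              f"{', '.join(note.cves)} -> {sorted(matched)}")
```

Matching is done on the release strings exactly as the notes print them (SAP_BASIS 757, KERNEL 7.53, and so on); the script says nothing about support package or kernel patch level, so a hit means "open the note and check its correction table", not "unpatched". A component absent from the inventory never matches, so an incomplete inventory silently under-reports; feed it the full component list of every system, not just the ABAP stack.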


Information on the security researchers and research companies who
contributed to this month's security patches is linked from the
original post (URL above).
SAP is committed to delivering trustworthy products and cloud
services. Secure configuration is essential to secure operation and
data integrity. We have therefore documented security
recommendations, consolidated in a single document linked from the
original post, to help you configure your SAP portfolio securely.
Archived blogs from previous years are likewise linked from the
original post.
If you have any comments or feedback about this post, write to
secure@sap.com.



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================
