About:
RedLegg occasionally communicates vulnerabilities outside its usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats that we classify at the highest severity level and that warrant out-of-band emergency patching or mitigation action.
CVSS Score: 10.0 (Critical)
Identifier: CVE-2025-42944
Exploit or Proof of Concept (PoC): No known PoC or exploitation has been reported yet.
Update: CVE-2025-42944 – SAP Security Note #3634501 – September 2025 Patch Day
Description: CVE-2025-42944 is a critical vulnerability in SAP NetWeaver (AS Java), specifically within its RMI-P4 module. The flaw is insecure deserialization of untrusted Java objects. An unauthenticated, remote attacker could exploit it by sending a crafted payload to an exposed RMI-P4 port, resulting in arbitrary OS command execution with the privileges of the affected system. This amounts to a complete compromise of confidentiality, integrity, and availability. The vulnerability affects SAP NetWeaver ServerCore 7.50.
No public PoC is available, and there are no confirmed in-the-wild exploits at this time. However, given the severity and impact, it is considered an urgent risk requiring swift remediation.
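To illustrate the flaw class behind this bulletin, the following is an added example (not RedLegg's, SAP's, or the RMI-P4 module's code): a generic Java ObjectInputStream that instantiates whatever class the byte stream names, next to the hardened form that sets an ObjectInputFilter allow-list so unexpected classes are rejected before their readObject ever runs. The Gadget class is a constructed, harmless stand-in whose only side effect is a flag.

```java
import java.io.*;
import java.util.ArrayList;
import java.util.List;

public class DeserializationFilterDemo {
    // Constructed stand-in for a gadget class: its readObject only records that it ran.
    // In a real gadget chain this is the point where attacker-controlled logic executes.
    static class Gadget implements Serializable {
        static boolean readObjectRan = false;
        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            readObjectRan = true;
        }
    }

    // Allow-list: only the types this endpoint legitimately expects, a depth limit,
    // and a final "!*" that rejects every other class name (assumed expected types).
    static final ObjectInputFilter ALLOW_LIST = ObjectInputFilter.Config.createFilter(
            "java.util.ArrayList;java.lang.String;maxdepth=5;!*");

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) { out.writeObject(o); }
        return bos.toByteArray();
    }

    // Vulnerable pattern: trust whatever class the untrusted stream names.
    static Object readUnfiltered(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return in.readObject();
        }
    }

    // Hardened pattern: the filter vetoes each class before it is instantiated,
    // so a rejected class's readObject never executes.
    static Object readFiltered(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            in.setObjectInputFilter(ALLOW_LIST);
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] benign = serialize(new ArrayList<>(List.of("hello")));   // constructed input
        byte[] hostile = serialize(new Gadget());                        // constructed input
        System.out.println("filtered benign payload: " + readFiltered(benign));
        readUnfiltered(hostile);
        System.out.println("unfiltered: Gadget.readObject ran = " + Gadget.readObjectRan);
        Gadget.readObjectRan = false;
        try {
            readFiltered(hostile);
        } catch (InvalidClassException e) {
            System.out.println("filtered: rejected (" + e.getMessage() + "), readObject ran = " + Gadget.readObjectRan);
        }
    }
}
```

The filter is a last line of defence for code you control; for the affected product itself, the vendor patch referenced in SAP Security Note #3634501 is the remediation.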
Mitigation Recommendation: