Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-42963

A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can lead to full operating system compromise, granting attackers complete control over the affected system. This results in a severe impact on the confidentiality, integrity, and availability of the application and host environment.

Published

2025-07-08T01:15:23.093

Last Modified

2025-07-08T16:18:14.207

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 9.1 (CRITICAL)

Weaknesses

Type: Primary
CWE-502

Affected Vendors & Products

References

https://me.sap.com/notes/3621771 ([email protected])
https://url.sap/sapsecuritypatchday ([email protected])