The National Computer Emergency Response Team (NCERT) has issued an important security advisory about a newly disclosed vulnerability in the SAP S/4HANA system, which is used by businesses worldwide.

The flaw, tracked as CVE-2025-42957 with a CVSS score of 9.9, lies in a remote function call (RFC) module and stems from insufficient input validation. It allows attackers to inject malicious code remotely, requiring only low-level credentials and no user interaction.

According to the advisory, exploitation of this vulnerability can result in remote code execution, unauthorized access, privilege escalation, system compromise, theft of sensitive enterprise data, and deployment of ransomware or spyware. Given the widespread use of SAP in enterprise resource planning (ERP) and mission-critical operations, this flaw is considered one of the most serious to affect business systems in recent years. NCERT confirmed that the vulnerability is already being actively exploited in the wild.

The advisory highlights that several SAP products are affected, including S/4HANA (both private cloud and on-premises), Business One, Landscape Transformation components, and NetWeaver Application Server ABAP. Organizations running vulnerable versions of these products have been urged to apply SAP's September 2025 security updates without delay. Internet-facing and high-priority instances are particularly at risk if left unpatched.

For organizations unable to patch immediately, NCERT recommends temporary mitigations, such as limiting access to trusted networks, deploying web application firewall (WAF) rules to block suspicious payloads, and monitoring for unusual RFC activity or privilege escalation. Strengthening access controls, enforcing least-privilege policies, and continuously monitoring SAP traffic were also advised as part of a broader defensive posture.

NCERT emphasized that timely patching remains the most effective defense against this threat. Security teams have been instructed to implement the specified measures, ensure backup readiness, and remain vigilant for signs of compromise connected to CVE-2025-42957. Failure to act promptly can result in a complete compromise of enterprise business systems, putting critical data and operations at risk.






By admin
