CSTI
    industryThe Commercial Era (2020-Present) Daily Briefing Landmark Event

    Critical SAP Vulnerability Exploited Amidst Multiple Cyberattacks

    Friday, September 5, 2025

    Critical SAP Vulnerability Exploited Amidst Multiple Cyberattacks

    Today, the cybersecurity landscape is marked by a critical command injection vulnerability in SAP S/4HANA, identified as CVE-2025-42957. This flaw allows low-privileged users to execute arbitrary ABAP code, posing severe risks to organizations that rely on SAP systems. Patching is imperative, as active exploitation has been reported. In parallel, Bridgestone confirmed a cyberattack that disrupted its North American manufacturing operations, although customer data remains safe. Additionally, a supply chain attack affecting Salesforce has compromised data from major firms, with hackers leveraging OAuth tokens for unauthorized access. WhatsApp has also patched a critical zero-click vulnerability (CVE-2025-55177), urging users to update their applications. In another notable incident, Jaguar Land Rover faced significant operational disruptions due to a cyberattack attributed to known hacker groups.

    Also In Security Today

    • Bridgestone Cyberattack: Bridgestone's North American manufacturing operations were disrupted due to a cyberattack. Initial containment is in place, with no customer data compromised. Source
    • Salesforce Data Breach: A supply chain attack linked to Salesloft Drift led to the compromise of data from major firms including Zscaler and Palo Alto Networks. Source
    • WhatsApp Zero-Day Vulnerability: Users are advised to update their WhatsApp apps following a patch for CVE-2025-55177, a critical zero-click vulnerability. Source
    • Jaguar Land Rover Cyberattack: Jaguar Land Rover had to shut down operations at key sites following a significant cyberattack by known hacker groups. Source

    Analyst's Take

    Today's news underscores the escalating threat landscape where vulnerabilities in widely used systems like SAP can lead to significant operational risks. Organizations must prioritize patch management and implement robust monitoring strategies. The Bridgestone and Jaguar Land Rover attacks highlight the need for enhanced incident response capabilities. Defenders should also focus on securing supply chains, especially with the growing trend of supply chain attacks evident in the Salesforce incident. Continuous training and awareness among employees can mitigate risks associated with newly discovered vulnerabilities, such as the WhatsApp zero-click exploit.

    Sources

    CVE-2025-42957 CVE-2025-55177 Bridgestone Salesforce WhatsApp