Last update: 14/10/2025
Affected software: SAP Print Service versions 8.00 and 8.10.
SAP Supplier Relationship Management (SRM) versions SRMNXP01 100 and 150
Type: Directory Traversal, Unrestricted File Upload
CVE/CVSS
→ CVE-2025-42937: CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
→ CVE-2025-42910: CVSS 9.0 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)
SAP https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2025.html
CVE-2025-42937 is a directory-traversal vulnerability in SAP Print Service that could allow an unauthenticated remote attacker to manipulate arbitrary files and compromise system integrity and availability.
CVE-2025-42910 is an unrestricted file upload vulnerability in SAP SRM. Successful exploitation could allow an authenticated attacker to upload arbitrary files, including executables or scripts, which could later be downloaded and executed by users or processed by the system.
Exploitation of this vulnerability could have a significant impact on the confidentiality, integrity, and availability of the application.
CVE-2025-42937 is a critical path traversal vulnerability with a CVSS score of 9.8, affecting SAPSprint versions 8.00 and 8.10. The vulnerability results from insufficient validation of user-supplied paths, which could allow an attacker to escape restricted directories. An unauthenticated attacker could exploit this vulnerability by submitting crafted path input, traversing parent directories, and overwriting system files that the SAP Print Service process can access.
CVE-2025-42910 is a critical vulnerability in SAP SRM’s file upload functionality, affecting versions SRMNXP01 100 and 150. This vulnerability is due to a lack of verification of file type or content, thus allowing an authenticated attacker to upload arbitrary files, including potentially malicious executables.
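The "insufficient validation of user-supplied paths" behind CVE-2025-42937 is a general bug class. The following added example is a generic illustration, not SAP's code and not part of the original advisory: it shows an unchecked path join next to a containment check on the canonical path. The function names, the `spool` directory and the file names are constructed for the example.

```python
import os
import tempfile
from pathlib import Path


def naive_resolve(base: Path, name: str) -> Path:
    """Vulnerable pattern: join user input and never check where it lands."""
    return Path(os.path.normpath(base / name))


def safe_resolve(base: Path, name: str) -> Path:
    """Return the path for `name` under `base`, or raise ValueError."""
    if "\x00" in name:
        raise ValueError("NUL byte in path")
    # Treat backslashes as separators so Windows-style input is judged
    # the same way on every platform.
    candidate = name.replace("\\", "/")
    base_real = base.resolve(strict=True)
    # Resolve ".." and symlinks first, then test containment on the
    # canonical result. An absolute `candidate` replaces the base in the
    # join and is rejected by the same test.
    target = (base_real / candidate).resolve()
    if base_real not in target.parents:
        raise ValueError(f"path escapes {base_real}: {name!r}")
    return target


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        spool = Path(tmp) / "spool"  # constructed directory name
        spool.mkdir()
        # Constructed sample inputs.
        for name in ["job-0001.prn", "sub/../job-0002.prn",
                     "../outside.txt", "..\\..\\outside.txt", ""]:
            try:
                print("accepted", repr(name), "->", safe_resolve(spool, name))
            except ValueError as exc:
                print("rejected", repr(name), "-", exc)
        print("naive join:", naive_resolve(spool, "../outside.txt"))
```

The check runs on the resolved path rather than on the raw string, so input that only looks like traversal (`sub/../job-0002.prn`) is accepted while a symlink inside the base that points elsewhere is rejected.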
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/report-incident.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.
Threat Radar https://radar.offseq.com/threat/cve-2025-42937-cwe-35-path-traversal-in-sapse-sap--b5678cbf