Serial number: AV25-192
Date: April 8, 2025
Updated: April 25, 2025
On April 8, 2025, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SAP Capital Yield Tax Management – versions CYTERP 420_700, CYT 800, IBS 7.0 and CYT4HANA 100
- SAP Commerce Cloud – versions HY_COM 2205 and COM_CLOUD 2211
- SAP Financial Consolidation – version 1010
- SAP Landscape Transformation DMIS – versions 2011_1_700, 2011_1_710, 2011_1_730 and 2011_1_731
- SAP NetWeaver and ABAP Platform (Service Data Collection) – versions ST-PI 2008_1_700, 2008_1_710 and 740
- SAP NetWeaver Application Server ABAP – versions KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89 and 7.93
- SAP S/4HANA S4CORE – versions 102, 103, 104, 105, 106, 107 and 108
Update 1
On April 24, 2025, SAP updated their security advisory to address a vulnerability in the following product:
- SAP NetWeaver (Visual Composer development server) – version VCFRAMEWORK 7.50
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.