SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow full system compromise through unauthenticated file uploads. Although SAP has issued an emergency patch, security researchers report that the vulnerability is being exploited throughout critical industries, and is therefore “immediate and severe,” and designated a 10 out of 10 for criticality.
Urgent patching is required and available through SAP.