Serial number: AV25-738
Date: November 12, 2025
On November 11, 2025, SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- SQL Anywhere Monitor (Non-Gui) – version SYBASE_SQL_ANYWHERE_SERVER 17.0;
- SAP Solution Manager – version ST 720;
- SAP CommonCryptoLib – version CRYPTOLIB 8;
- SAP HANA JDBC Client – version HDB_CLIENT 2.0;
- SAP Business Connector – version SAP BC 4.8;
- SAP NetWeaver Enterprise Portal – versions EP-BASIS 7.50 et EP-RUNTIME 7.50;
- SAP S/4HANA landscape (SAP E-Recruiting BSP) – versions S4ERECRT 100, 200, ERECRUIT 600, 603, 604, 605, 606, 616, 617, 800, 801 et 802;
- SAP HANA 2.0 (hdbrss) – version HDB 2.00;
- SAP GUI for Windows – versions BC-FES-GUI 8.00 et 8.10;
- SAP Starter Solution (PL SAFT) – versions SAP_APPL 600, 602, 603, 604, 605, 606, 616, SAP_FIN 617, 618, 700, 720, 730, S4CORE 100, 101, 102, 103 et 104;
- SAP NetWeaver Application Server Java – versions ENGINEAPI 7.50 et EP-BASIS 7.50;
- SAP Business One (SLD) – versions B1_ON_HANA 10.0 et SAP-M-BO 10.0;
- SAP S4CORE (Manage Journal Entries) – versions S4CORE 104, 105, 106, 107 et 108;
- SAP NetWeaver Application Server for ABAP – versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 et SAP_BASIS 816;
- SAP NetWeaver Application Server for ABAP (Migration Workbench) – versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 751, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758 et SAP_BASIS 816.
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.