SAP Family Security Update Advisory

Oct 16 2025

Overview

We have released security updates to fix vulnerabilities in SAP products. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-42937

SAP Print Service versions: SAPSPRINT 8.00, 8.10

CVE-2025-42910

SAP Supplier Relationship Management versions: Srmnxp01 100, 150

CVE-2025-5115

SAP Commerce Cloud versions: Hy_com 2205, com_cloud 2211, 2211-jdk21

CVE-2025-48913

SAP Data Hub Integration Suite versions: Cx_datahub_int_pack 2205

Resolved Vulnerabilities

Path traversal vulnerability in SAP Print Service (CVE-2025-42937)
Arbitrary file upload vulnerability in SAP Supplier Relationship Management (CVE-2025-42910)
Denial of Service Vulnerability in SAP Commerce Cloud (CVE-2025-5115)
Improper security configuration vulnerability in SAP Data Hub Integration Suite (CVE-2025-48913)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-42937, CVE-2025-42910, CVE-2025-5115, CVE-2025-48913

Separate security patches are available [2][3][4][5]

References

[1] SAP Security Patch Day – October 2025
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2025.html
[2] cve-2025-42937
https://me.sap.com/notes/3630595
[3] cve-2025-42910
https://me.sap.com/notes/3647332
[4] cve-2025-5115
https://me.sap.com/notes/3664466
[5] cve-2025-48913
https://me.sap.com/notes/3658838

SAP Family Security Update Advisory

Adobe Product Suite October 2025 Routine Security Update Advisory

Mozilla Products October 2025 1st Security Update Advisory

Tags:

Adobe Product Suite October 2025 Routine Security Update Advisory

Mozilla Products October 2025 1st Security Update Advisory