SAP released a critical security update in October 2025 addressing a severe vulnerability in its NetWeaver software that allows attackers to take control of affected systems without needing a password. This flaw, present in the NetWeaver AS Java server, lets hackers send harmful commands through an open port, risking full system compromise. In India, where SAP NetWeaver is widely used by large enterprises and government sectors, this poses a significant risk to business operations. SAP has released patches to fix the issue and advised companies to install these updates immediately or temporarily restrict access to vulnerable ports to prevent attacks. The update reflects ongoing cybersecurity vigilance needed to protect vital enterprise systems from increasingly sophisticated threats in India’s growing digital economy.