A recently patched SAP S/4HANA vulnerability is being exploited in the wild.

The attacks were discovered by security firm SecurityBridge last week: https://securitybridge.com/blog/critical-sap-s-4hana-code-injection-vulnerability-cve-2025-42957/