June 25, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
AsyncRAT – Active IOCs
June 13, 2025
Multiple Mozilla Products Vulnerabilities
June 13, 2025
AsyncRAT – Active IOCs
June 13, 2025
Multiple Mozilla Products Vulnerabilities
June 13, 2025
Severity
High
Analysis Summary
CVE-2025-42982 CVSS:8.8
SAP GRC (AC Plugin) could allow a remote authenticated attacker to access and initiate transaction to modify or control the transmitted system credentials, caused by an missing authorization valuation.
CVE-2025-42977 CVSS:7.6
SAP NetWeaver Visual Composer could allow a remote authenticated attacker to traverse directories on the system to read or modify arbitrary files.
Impact
- Gain Access
- Data Manipulation
Indicators of Compromise
CVE
CVE-2025-42982
CVE-2025-42977
Affected Vendors
SAP
Affected Products
- SAP GRC (AC Plugin) V1100_700
- SAP GRC (AC Plugin) V1100_731
- SAP NetWeaver Visual Composer VCBASE 7.50
Remediation
Refer to SAP Security Advisory for patch, upgrade, or suggested workaround information.(Login Required)