2025-10-14

Pakistan’s National Computer Emergency Response Team (National CERT) has issued an urgent cybersecurity advisory after identifying high-severity vulnerabilities in SAP NetWeaver, an enterprise software platform widely used by corporate firms, banks, and government departments across the country.

According to the advisory, the vulnerabilities could allow remote attackers to execute system commands, upload malicious files, and bypass authentication, potentially giving them full control of affected servers. Experts warn that the flaws could be exploited to disrupt critical services and steal sensitive financial or administrative data.

National CERT identified three key vulnerabilities — CVE-2025-42944, CVE-2025-42922, and CVE-2025-42958 — all rated as critical. The most severe, CVE-2025-42944, carries a CVSS score of 10.0 and enables unauthenticated remote code execution, allowing hackers to issue operating system commands without logging in. The other two flaws permit unauthorised file uploads and authentication bypass, heightening the overall risk.

The vulnerabilities affect modules within SAP NetWeaver, a system extensively deployed by Pakistan’s public institutions, telecom operators, energy firms, and large enterprises. A successful exploit could paralyse financial transactions, interrupt public services, or compromise confidential government databases.

SAP has released patches under notes 3643501, 3643865, and 3642961 (September 2025) to address these flaws. National CERT has urged immediate installation of updates, restriction of network access to vulnerable modules, and enhanced monitoring for suspicious activity.

How Organisations Can Stay Safe

Cybersecurity experts recommend that organisations using SAP take immediate preventive measures to reduce their exposure. These include applying the latest patches released by SAP without delay, restricting public internet access to internal enterprise modules, and implementing multi-factor authentication (MFA) for administrative accounts. Regular log audits, network segmentation, and the deployment of intrusion detection and prevention systems (IDS/IPS) are also advised. Additionally, institutions should train staff to recognise phishing attempts that could be used to exploit vulnerable systems. Maintaining offline data backups and routinely testing recovery plans are equally essential to ensure operational continuity in case of an attack.
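One concrete form of the "restrict public internet access to internal enterprise modules" advice above is a host firewall allowlist in front of the SAP service ports. The shell script below is an added example written for this article, not code from National CERT or SAP: it generates an nftables ruleset that permits the SAP NetWeaver ports only from named internal networks and logs and drops everything else. It assumes the SAP default port numbers for instance 00 (ICM HTTP 50000, ICM HTTPS 50001, dispatcher/DIAG 3200, gateway 3300); the allowlisted CIDRs are constructed placeholders to be replaced with the real administrative and application networks.

```shell
#!/bin/sh
# Added example: emit an nftables ruleset that allows the SAP NetWeaver
# service ports only from an explicit allowlist of internal CIDRs and logs
# and drops all other sources. Port numbers are the SAP defaults for
# instance number 00; the CIDRs used at the bottom are constructed
# placeholders, not real addresses.

SAP_TCP_PORTS="3200,3300,50000,50001"

# sap_ruleset ALLOWLIST
#   ALLOWLIST is a comma-separated list of CIDRs permitted to reach the SAP
#   ports. Prints an nftables ruleset to stdout. Returns 1 and prints nothing
#   when the allowlist is empty, so a configuration mistake can never produce
#   a ruleset that silently leaves the ports open to the world.
sap_ruleset() {
    allow="$1"
    if [ -z "$allow" ]; then
        echo "sap_ruleset: refusing to generate a ruleset with an empty allowlist" >&2
        return 1
    fi
    cat <<EOF
table inet sap_filter {
    set sap_admin_nets {
        type ipv4_addr
        flags interval
        elements = { $allow }
    }
    chain input {
        type filter hook input priority 0; policy accept;
        # Allowlisted internal networks may reach the SAP service ports.
        ip saddr @sap_admin_nets tcp dport { $SAP_TCP_PORTS } accept
        # Every other source hitting those ports is logged for the SOC and dropped.
        tcp dport { $SAP_TCP_PORTS } log prefix "sap-blocked: " drop
    }
}
EOF
}

# Example use: write the ruleset to a file for review; an administrator then
# loads it with `nft -f /tmp/sap_filter.nft`. The CIDRs are placeholders.
sap_ruleset "10.20.0.0/16, 192.168.100.0/24" > /tmp/sap_filter.nft
```

The chain keeps `policy accept` on purpose: the ruleset only governs the SAP ports and is meant to sit alongside the host's existing firewall policy rather than replace it. The `log prefix "sap-blocked: "` entries are what the log audits and IDS/IPS recommended above can key on to spot scanning or exploitation attempts against the ports while patching is still in progress.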

The advisory cautions that delayed patching could result in complete system compromise, data exfiltration, and operational shutdowns, posing serious challenges to Pakistan’s cybersecurity resilience.

