SAP has released out-of-band emergency updates for NetWeaver to fix an actively exploited remote code execution (RCE) vulnerability used to hijack servers. […]
from https://www.bleepingcomputer.com/news/security/sap-fixes-critical-netweaver-flaw-exploited-in-attacks/