Forwarded by Taiwan Computer Network Crisis Response and Coordination Center (TWCERTCC-200-202510-00000006)

[Description]
SAP Print Service is a cloud-based printing solution that transfers documents from the cloud to local printers and provides monitoring and management of print tracking. A recent SAP monthly update announcement revealed a critical security vulnerability (CVE-2025-42937, CVSS: 9.8) in this service. This vulnerability stems from insufficient validation of user-supplied path information, allowing an unauthenticated attacker to traverse directories and overwrite system files.

[Affected Platforms]
SAPSPRINT versions 8.00 and 8.10

[Recommended Action]
Please visit the official website for patching: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2025.html

[References]
https://www.twcert.org.tw/tw/cp-169-10444-360ca-1.html