CVE-2025-0070

🗓️ 14 Jan 2025 00:10:03Reported by sapType

Improper authentication in SAP NetWeaver ABAP allows privilege escalation and access issues.

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2025-0070	14 Jan 202501:18	–	circl
CNNVD	SAP NetWeaver Application Server和SAP ABAP Platform 授权问题漏洞	13 Jan 202500:00	–	cnnvd
Cvelist	CVE-2025-0070 Improper Authentication in SAP NetWeaver ABAP Server and ABAP Platform	14 Jan 202500:10	–	cvelist
EUVD	EUVD-2025-1499	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	14 Jan 202511:50	–	ncsc
NVD	CVE-2025-0070	14 Jan 202501:15	–	nvd
Positive Technologies	PT-2024-10300 · Sap · Sap Netweaver Application Server Abap +1	12 May 202400:00	–	ptsecurity
RedhatCVE	CVE-2025-0070	6 Feb 202502:13	–	redhatcve
Tenable Nessus	SAP NetWeaver AS ABAP Information Disclosure (3537476)	22 Jan 202500:00	–	nessus
Tenable Nessus	SAP NetWeaver AS ABAP Privilege Escalation (3537476)	22 Jan 202500:00	–	nessus

Vulners

Node

sap netweaver_as_abap_kernelMatch7.22

sap netweaver_application_server_abapMatch7.22

sap netweaver_application_server_abapMatch7.53

sap netweaver_application_server_abapMatch8.04

sap netweaver_application_server_abap_kernelMatch7.22

sap netweaver_application_server_abapMatch7.54

sap netweaver_application_server_abapMatch7.77

sap netweaver_application_server_abapMatch7.89

sap netweaver_application_server_abapMatch7.93

sap netweaver_application_server_abapMatch7.97

sap netweaver_application_server_abapMatch9.12

sap netweaver_application_server_abapMatch9.13

sap netweaver_application_server_abapMatch9.14

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP NetWeaver Application Server for ABAP and ABAP Platform",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "KRNL64NUC 7.22"
      },
      {
        "status": "affected",
        "version": "7.22EXT"
      },
      {
        "status": "affected",
        "version": "KRNL64UC 7.22"
      },
      {
        "status": "affected",
        "version": "7.53"
      },
      {
        "status": "affected",
        "version": "8.04"
      },
      {
        "status": "affected",
        "version": "KERNEL 7.22"
      },
      {
        "status": "affected",
        "version": "7.54"
      },
      {
        "status": "affected",
        "version": "7.77"
      },
      {
        "status": "affected",
        "version": "7.89"
      },
      {
        "status": "affected",
        "version": "7.93"
      },
      {
        "status": "affected",
        "version": "7.97"
      },
      {
        "status": "affected",
        "version": "9.12"
      },
      {
        "status": "affected",
        "version": "9.13"
      },
      {
        "status": "affected",
        "version": "9.14"
      }
    ]
  }
]

Source	Link
me	www.me.sap.com/notes/3537476
url	www.url.sap/sapsecuritypatchday

15 Apr 2026 00:35Current

9.4High risk

Vulners AI Score9.4

CVSS 3.19.9

EPSS0.00159

SSVC

CWE-287