CVE-2025-42967

🗓️ 08 Jul 2025 00:36:23Reported by sapType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 24 Views

SAP S/4HANA and SAP SCM have a remote code execution vulnerability that impacts system security.

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the SAP S/4HANA resource planning system and the SAP SCM supply chain management software’s Characteristic Propagation mechanism lies in improper code generation management. This allows attackers to execute arbitrary code and gain unauthorized access to the system.	9 Jul 202500:00	–	bdu_fstec
Circl	CVE-2025-42967	8 Jul 202501:16	–	circl
CNNVD	SAP S/4HANA 安全漏洞	8 Jul 202500:00	–	cnnvd
Cvelist	CVE-2025-42967 Code Injection vulnerability in SAP S/4HANA and SAP SCM (Characteristic Propagation)	8 Jul 202500:36	–	cvelist
EUVD	EUVD-2025-20342	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	9 Jul 202508:29	–	ncsc
NVD	CVE-2025-42967	8 Jul 202501:15	–	nvd
Positive Technologies	PT-2025-28286 · Sap · Sap S/4Hana +1	8 Jul 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-42967	10 Jul 202501:30	–	redhatcve
Vulnrichment	CVE-2025-42967 Code Injection vulnerability in SAP S/4HANA and SAP SCM (Characteristic Propagation)	8 Jul 202500:36	–	vulnrichment

Vulners

Node

sap s/4hanaMatch713

sap scmMatch713

sap s/4hanaMatch714

sap scmMatch714

sap s4coreMatch102

sap s/4hanaMatch103

sap scmMatch103

sap s/4hanaMatch104

sap scmMatch104

sap s/4hanaMatch105

sap scmMatch105

sap s/4hanaMatch106

sap scmMatch106

sap s/4hanaMatch107

sap scmMatch107

sap s/4hanaMatch108

sap scmMatch108

sap s/4hanaMatch700

sap scmMatch700

sap s/4hanaMatch701

sap scmMatch701

sap s/4hanaMatch702

sap scmMatch702

sap s/4hanaMatch712

sap scmMatch712

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP S/4HANA and SAP SCM (Characteristic Propagation)",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "SCMAPO 713"
      },
      {
        "status": "affected",
        "version": "714"
      },
      {
        "status": "affected",
        "version": "S4CORE 102"
      },
      {
        "status": "affected",
        "version": "103"
      },
      {
        "status": "affected",
        "version": "104"
      },
      {
        "status": "affected",
        "version": "S4COREOP 105"
      },
      {
        "status": "affected",
        "version": "106"
      },
      {
        "status": "affected",
        "version": "107"
      },
      {
        "status": "affected",
        "version": "108"
      },
      {
        "status": "affected",
        "version": "SCM 700"
      },
      {
        "status": "affected",
        "version": "701"
      },
      {
        "status": "affected",
        "version": "702"
      },
      {
        "status": "affected",
        "version": "712"
      }
    ]
  }
]

Source	Link
url	www.url.sap/sapsecuritypatchday
me	www.me.sap.com/notes/3618955

15 Apr 2026 00:35Current

7.5High risk

Vulners AI Score7.5

CVSS 3.19.9

EPSS0.02095

SSVC

CWE-94