5 matches found
Vulnerabilities fixed in SAP products
SAP has fixed vulnerabilities in several products, including SAP Financial Consolidation, SAP Landscape Transformation, SAP NetWeaver Application Server ABAP, SAP Commerce Cloud, SAP ERP BW, SAP BusinessObjects Business Intelligence Platform, SAP KMC WPC, SAP Solution Manager, SAP S4CORE, and SAP...
CVE-2025-27429
SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating...
CVE-2025-27429
creationtimestamp| type| source ---|---|--- 2025-04-08 07:46:30+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10868 2025-04-08 08:40:17+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lmc3aojtmn2t 2025-04-08 09:18:10+00:00| seen|...
CVE-2025-27429
CVE-2025-27429 concerns SAP S/4HANA where a user-authenticated attacker can abuse a RFC-exposed function module to inject arbitrary ABAP code, bypassing authorization checks and potentially gaining full system compromise. The root cause is code injection via the RFC interface, enabling impact to ...
CVE-2025-27429 Code Injection Vulnerability in SAP S/4HANA (Private Cloud or On-Premise)
SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating...