22 matches found
CVE-2026-24317
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...
EUVD-2026-10453
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...
CVE-2026-24317 DLL Hijacking vulnerability in SAP GUI for Windows with active GuiXT
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...
CVE-2026-24317 DLL Hijacking vulnerability in SAP GUI for Windows with active GuiXT
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...
SAP GUI for Windows 代码问题漏洞
SAP GUI for Windows is an interface graphical software for Windows developed by the German company SAP. SAP GUI for Windows has a code vulnerability that stems from allowing DLL files to be loaded from any directory within the application. This vulnerability may allow malicious commands to be...
EUVD-2025-60990
SAP GUI for Windows may allow a highly privileged user on the affected client PC to locally access sensitive information stored in process memory during runtime.This vulnerability has a high impact on confidentiality, with no impact on integrity and availability...
CVE-2025-42888
SAP GUI for Windows may allow a highly privileged user on the affected client PC to locally access sensitive information stored in process memory during runtime.This vulnerability has a high impact on confidentiality, with no impact on integrity and availability...
CVE-2025-42888
CVE-2025-42888 describes an information disclosure in SAP GUI for Windows where a highly privileged user on the affected client PC can locally access sensitive information stored in process memory during runtime. The impact is confined to confidentiality; no integrity/availability impact is indic...
CVE-2025-42888 Information Disclosure vulnerability in SAP GUI for Windows
SAP GUI for Windows may allow a highly privileged user on the affected client PC to locally access sensitive information stored in process memory during runtime.This vulnerability has a high impact on confidentiality, with no impact on integrity and availability...
CVE-2025-42943 Information Disclosure in SAP GUI for Windows
SAP GUI for Windows may allow the leak of NTML hashes when specific ABAP frontend services are called with UNC paths. For a successful attack, the attacker needs developer authorization in a specific Application Server ABAP to make changes in the code, and the victim needs to execute by using SAP...
SAP GUI for Windows 安全漏洞
SAP GUI for Windows is an interface graphics software for Windows from SAP, Germany. A security vulnerability exists in SAP GUI for Windows that originates from a possible disclosure of NTML hashes when calling certain ABAP front-end services...
CVE-2021-21448
SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for Application Server ABAP backend systems in the client PCs memory. Under certain conditions the attacker can access information which would otherwise be restricted. The exploit can only be executed locally on th...
CVE-2025-24870
CVE-2025-24870 affects SAP GUI for Windows (and RFC service) where credentials are stored in the process memory. This can allow an unauthenticated (local) attacker to access sensitive information and cause privilege escalation, with confidentiality impact but no reported integrity/availability im...
PT-2024-9863 · Sap · Sap Gui For Windows
Name of the Vulnerable Software and Affected Versions: SAP GUI for Windows affected versions not specified Description: The issue is related to the SAP GUI for Windows, where under certain conditions, the memory contains the password used to log on to an SAP system. This could allow an attacker t...
PT-2023-31265 · Sap · Sap Gui For Windows +1
Name of the Vulnerable Software and Affected Versions: SAP GUI for Windows and SAP GUI for Java - versions SAP BASIS 755, SAP BASIS 756, SAP BASIS 757, SAP BASIS 758 Description: The issue allows an unauthenticated attacker to access information which would otherwise be restricted and confidentia...
CVE-2023-32113
SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information aft...
PT-2023-23622 · Sap · Sap Gui For Windows
Name of the Vulnerable Software and Affected Versions: SAP GUI for Windows versions 7.70, 8.0 Description: The issue allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking them into clicking a prepared shortcut file. Depending on the authorizations of the...
CVE-2021-40503
An information disclosure vulnerability exists in SAP GUI for Windows - versions 7.60 PL13, 7.70 PL4, which allows an attacker with sufficient privileges on the local client-side PC to obtain an equivalent of the user’s password. With this highly sensitive data leaked, the attacker would be able ...
CVE-2021-27612
In specific situations SAP GUI for Windows until and including 7.60 PL9, 7.70 PL0, forwards a user to specific malicious website which could contain malware or might lead to phishing attacks to steal credentials of the victim...
CVE-2019-0365
SAP Kernel RFC, KRNL32NUC, KRNL32UC and KRNL64NUC before versions 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC, before versions 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73 and KERNEL before versions 7.21, 7.49, 7.53, 7.73, 7.76 SAP GUI for Windows BC-FES-GUI before versions 7.5, 7.6, and SAP GUI for Java...