exploitDog

CVE-2025-27429

Опубликовано: 08 апр. 2025

Источник: nvd

CVSS3: 9.9

EPSS Низкий

Описание

SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system.

Ссылки

EPSS

Процентиль: 60%

0.0039

Низкий

9.9 Critical

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-87hf-jhfp-wp4g

CVSS3: 9.9

github

10 месяцев назад

SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system.

BDU:2025-04231

CVSS3: 9.9

fstec

10 месяцев назад

Уязвимость функционального модуля RFC-интерфейса программной платформы SAP S/4HANA, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 60%

0.0039

Низкий

9.9 Critical

CVSS3

Дефекты

CWE-94