Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-42989

RFC inbound processing�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation the attacker could critically impact both integrity and availability of the application.

Published

2025-06-10T01:15:22.183

Last Modified

2025-06-12T16:06:39.330

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 9.6 (CRITICAL)

Weaknesses

Type: Secondary
CWE-862

Affected Vendors & Products

References

https://me.sap.com/notes/3600840 ([email protected])
https://url.sap/sapsecuritypatchday ([email protected])