CVE-2025-0066

CVE-2025-0066

Information

CVE_ID              : CVE-2025-0066
Severity            : CRITICAL
Published        : 2025-01-14T01:15:16.783
LastModified  : 2025-10-23T19:06:57.513
Updated          : 2025-10-23T19:06:57.513
Status              : Analyzed

Descriptions:

Under certain conditions SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication Framework) allows an attacker to access restricted information due to weak access controls. This can have a significant impact on the confidentiality, integrity, and availability of an application


Know Exploitability

Exploitability : False

Vendor Affected

sap

CVE-2025-0066

V4.0

V3.1

Score : 9.9
Severity : CRITICAL
Attack Vector : NETWORK
Attack Complexity : LOW
Privileges Required : LOW
User Interaction : NONE
Scope : CHANGED
Confidentiality Impact : HIGH
Integrity Impact : HIGH
Availability Impact : HIGH
Exploitability : 3.1
Impact Score : 6.0

V3.0

V2.0

References

https://me.sap.com/notes/3550708

https://url.sap/sapsecuritypatchday

Vendor Product
sap
  • sap_basis700****
  • sap_basis701****
  • sap_basis702****
  • sap_basis731****
  • sap_basis740****
  • sap_basis750****
  • sap_basis751****
  • sap_basis752****
  • sap_basis753****
  • sap_basis754****
  • sap_basis755****
  • sap_basis756****
  • sap_basis757****
  • sap_basis758****
  • sap_basis912****
  • sap_basis913****
  • sap_basis914****