CVE-2025-0070

CVE-2025-0070

Information

CVE_ID              : CVE-2025-0070
Severity            : CRITICAL
Published        : 2025-01-14T01:15:17.427
LastModified  : 2025-01-14T01:15:17.427
Updated          : 2025-01-14T01:15:17.427
Status              : Awaiting Analysis

Descriptions:

SAP NetWeaver Application Server for ABAP and ABAP Platform allows an authenticated attacker to obtain illegitimate access to the system by exploiting improper authentication checks, resulting in privilege escalation. On successful exploitation, this can result in potential security concerns. This results in a high impact on confidentiality, integrity, and availability.


Know Exploitability

Exploitability : False

Vendor Affected

CVE-2025-0070

V4.0

V3.1

Score : 9.9
Severity : CRITICAL
Attack Vector : NETWORK
Attack Complexity : LOW
Privileges Required : LOW
User Interaction : NONE
Scope : CHANGED
Confidentiality Impact : HIGH
Integrity Impact : HIGH
Availability Impact : HIGH
Exploitability : 3.1
Impact Score : 6.0

V3.0

V2.0

References

https://me.sap.com/notes/3537476

https://url.sap/sapsecuritypatchday

Vendor Product