SAP GUI for Java Vulnerability in User Input Data Handling
CVE-2025-0056

Currently unrated

Key Information:

Vendor
SAP
Vendor
CVE Published:
14 January 2025

Summary

The SAP GUI for Java application stores user input locally on client machines to enhance user experience. This mechanism can be exploited by an attacker who gains administrative privileges or access to the user's operating system environment. Such access allows the attacker to retrieve stored user input, which can include sensitive information. If compromised, this could lead to severe implications for confidentiality and data privacy, as the disclosed information varies from benign to highly sensitive based on user interactions.

References

https://me.sap.com/notes/3502459
https://url.sap/sapsecuritypatchday

Timeline

  • Vulnerability published

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.