Memory Storage Vulnerability in SAP GUI for Windows by SAP
CVE-2025-24870
6MEDIUM
What is CVE-2025-24870?
The SAP GUI for Windows contains a vulnerability where RFC service credentials are inadequately stored in memory. This flaw allows unauthenticated attackers to access sensitive information, leading to potential privilege escalation. Exploitation of this vulnerability may result in the exposure of critical data, although it does not compromise the integrity or availability of the system. Users are advised to apply the relevant security patches to mitigate risks associated with this vulnerability.
Affected Version(s)
SAP GUI for Windows BC-FES-GUI 8.00