Privilege Escalation Vulnerability in SAP Cloud Appliance Library Appliances
CVE-2025-42909
3LOW
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 14 October 2025
What is CVE-2025-42909?
A privilege escalation vulnerability exists within SAP Cloud Appliance Library Appliances, allowing attackers with high-level privileges to exploit a default profile configuration in SAP S/4HANA. This misconfiguration enables unauthorized access to other SAP CAL appliances, potentially impacting user data. While this vulnerability has limited implications for confidentiality, it raises concerns regarding the overall security posture of affected systems and necessitates prompt remediation.
Affected Version(s)
SAP Cloud Appliance Library Appliances TITANIUM_WEBAPP 4.0