Privilege Escalation in SAP Netweaver System Configuration by SAP
CVE-2025-42953
8.1HIGH
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 8 July 2025
What is CVE-2025-42953?
The SAP Netweaver System Configuration lacks essential authorization checks for authenticated users, allowing unauthorized privilege escalation. This vulnerability can lead to complete compromise of the system's integrity and availability, although it does not affect its confidentiality. Proper security measures and patches are recommended to mitigate potential risks.
Affected Version(s)
SAP NetWeaver Application Server for ABAP SAP_BASIS 701
SAP NetWeaver Application Server for ABAP SAP_BASIS 702
SAP NetWeaver Application Server for ABAP SAP_BASIS 731