Replay Attack Vulnerability in SAP Systems
CVE-2025-42959

8.1HIGH

Key Information:

Vendor: SAP
Status: SAP Netweaver Abap Server And Abap Platform
Vendor: CVE Published:; 8 July 2025

What is CVE-2025-42959?

An unauthenticated attacker can exploit a vulnerability in SAP systems tied to the improper handling of Hashed Message Authentication Codes (HMAC). This occurs when HMAC credentials from a vulnerable system are reused in a replay attack targeting a different system. Even if the targeted SAP system has all the necessary patches applied, attackers can still achieve full system compromise. This can severely impact the confidentiality, integrity, and availability of the system, underscoring the necessity for consistent security measures and patch management.

Affected Version(s)

SAP NetWeaver ABAP Server and ABAP Platform SAP_BASIS 700

SAP NetWeaver ABAP Server and ABAP Platform SAP_BASIS 701

SAP NetWeaver ABAP Server and ABAP Platform SAP_BASIS 702

References

https://me.sap.com/notes/3600846

https://url.sap/sapsecuritypatchday

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Apr 16, 2025