Privilege Escalation in SAP Service Parts Management by SAP
CVE-2025-43009
6.3MEDIUM
What is CVE-2025-43009?
The SAP Service Parts Management (SPM) application lacks sufficient authorization checks for authenticated users. This vulnerability could enable unauthorized individuals to gain elevated privileges within the system, potentially leading to unauthorized actions that compromise the security of the application. The issue may not severely impact confidentiality, integrity, or availability, but immediate attention and remediation are recommended to prevent potential exploitation.
Affected Version(s)
SAP Service Parts Management (SPM) SAP_APPL 600
SAP Service Parts Management (SPM) 602
SAP Service Parts Management (SPM) 603