Authorization Flaw in SAP ABAP Application Server Allows Privilege Escalation
CVE-2026-44751
7.1HIGH
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 9 June 2026
What is CVE-2026-44751?
The SAP ABAP Application Server contains a flaw in its authorization checks for authenticated users. This vulnerability allows malicious actors to execute unauthorized report generation commands, potentially overwriting data belonging to other users. As a result, attackers may gain elevated privileges within the system, compromising the integrity of user information. While this issue primarily affects the integrity of the application by allowing unauthorized data access, it does not compromise the overall availability or confidentiality of the system.
Affected Version(s)
SAP NetWeaver AS ABAP and ABAP Platform SAP_BASIS 700
SAP NetWeaver AS ABAP and ABAP Platform SAP_BASIS 701
SAP NetWeaver AS ABAP and ABAP Platform SAP_BASIS 702