PT-2020-4202 · SAP · SAP Host Agent

Published: 2020-04-14 · Updated: 2022-04-29 · CVE-2020-6234
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: SAP Host Agent version 7.21
Description: Insufficient access control in the SAP Host Agent allows a remote attacker to escalate privileges to the root level. An attacker who already has admin privileges can use the operation framework to gain root privileges over the underlying operating system.
Recommendations: For SAP Host Agent version 7.21, consider restricting access to the operation framework to prevent privilege escalation until a patch is available. As a temporary workaround, limit the use of admin privileges to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Privilege Management

Related Identifiers

BDU:2020-04636
CVE-2020-6234

Affected Products

SAP Host Agent