PT-2021-24073 · SAP · SAP NetWeaver AS ABAP
Published: 2021-12-14 · Updated: 2022-10-06 · CVE-2021-44235
CVSS v2.0: 7.2 (High)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
SAP NetWeaver AS ABAP versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756
Description:
The issue allows an attacker with high privileges and direct access to the SAP System to inject code when executing a certain transaction class builder. This could enable the execution of arbitrary commands on the operating system, with a potentially high impact on the confidentiality, integrity, and availability of the system.
Recommendations:
For SAP NetWeaver AS ABAP versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, consider restricting access to the utility class methods to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Weakness: OS Command Injection