CVE-2023-32113

Name of the Vulnerable Software and Affected Versions SAP GUI for Windows versions 7.70, 8.0

Description The issue allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking them into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.

Recommendations For SAP GUI for Windows versions 7.70 and 8.0, consider avoiding the use of shortcut files from untrusted sources until a patch is available. As a temporary workaround, restrict access to sensitive information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.