CVE-2025-0066

The affected software is SAP NetWeaver AS for ABAP and ABAP Platform, specifically the Internet Communication Framework. This issue arises from weak access controls, allowing attackers to access restricted information and potentially compromising application integrity, confidentiality, and availability. An exploit for this issue can be used to access data within the application.

The vulnerable software versions are not explicitly stated, but the issue is reported to affect SAP services, including SQL injection, improper authentication, and DLL hijacking.

More information can be found at the provided links, including the vendor's advisory. #SAPNetWeaver #ABAPPlatform #InternetCommunicationFramework #cybersecurity #SAPvulnerabilities #accesscontrols #dataexposure #SQLinjection #improperauthentication #DLLhijacking