PT-2024-10299 · Ibm+1 · Informix+2

Published: 2024-05-12 · Updated: 2025-10-24 · CVE-2025-0063

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

SAP NetWeaver AS ABAP and ABAP Platform (affected versions not specified)

Description

The issue is related to the lack of authorization checks when a user executes certain RFC function modules, potentially allowing an attacker with basic user privileges to gain control over data in the Informix database. This could lead to a complete compromise of confidentiality, integrity, and availability. The vulnerability may also be related to SQL injection, allowing a remote attacker to execute arbitrary code. Over 3,200 services are potentially affected.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2025-00728
CVE-2025-0063

Affected Products

ABAP Platform
Informix
SAP NetWeaver AS ABAP