PT-2025-28286 · SAP · SAP SCM Characteristic Propagation
Published: 2025-07-08 · Updated: 2025-08-10 · CVE-2025-42967
CVSS v3.1: 9.9 (Critical)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
SAP S/4HANA and SAP SCM versions S4CORE 102-108
Description
SAP S/4HANA and SAP SCM Characteristic Propagation contains a remote code execution issue. An attacker with user-level or high privileges can create a new report containing malicious code, potentially gaining full control of the affected SAP system. This can have a high impact on the confidentiality, integrity, and availability of the application. The vulnerability involves improper code generation management, allowing remote execution of arbitrary code through a specially crafted report.
Recommendations
SAP S/4HANA versions S4CORE 102 through 108: Update to patched versions immediately.
Fix
RCE
Code Injection
Affected Products
SAP S/4HANA
SAP SCM Characteristic Propagation