CVE-2025-42936

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server for ABAP (affected versions not specified)

Description: The application server does not allow administrators to assign distinguished authorizations for different user roles. This allows authenticated users to access restricted objects in the barcode interface, potentially leading to privilege escalation. The issue has a low impact on the confidentiality and integrity of the application and does not affect availability.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.