CVE-2025-42943

Name of the Vulnerable Software and Affected Versions: SAP GUI for Windows (affected versions not specified)

Description: SAP GUI for Windows may allow the leak of NTML hashes when specific ABAP frontend services are called with UNC paths. A successful attack requires developer authorization in a specific Application Server ABAP to make code changes, and the victim must execute the process using SAP GUI for Windows. This could trigger automatic NTLM authentication, potentially exposing hashed credentials to an attacker, resulting in a high impact on confidentiality.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.