PT-2025-32615 · Sap · Sap Netweaver Application Server Abap
Published
2025-08-12
·
Updated
2025-08-17
·
CVE-2025-42976
CVSS v3.1
8.1
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
SAP NetWeaver Application Server ABAP (BIC Document) (affected versions not specified)
Description:
SAP NetWeaver Application Server ABAP (BIC Document) is susceptible to a crafted request that, when submitted to a BIC Document application, can cause a memory corruption error. Successful exploitation can lead to a crash of the target component, and repeated submissions may render the target completely unavailable. A similarly crafted request can also perform an out-of-bounds read operation, potentially revealing sensitive information loaded in memory. The vulnerability does not allow for modification of information.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap Netweaver Application Server Abap