- Description
- In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely compromise the remote service, potentially resulting in a significant impact on the confidentiality, integrity, and availability of the application.
- Source
- cna@sap.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 8.5
- Impact score
- 6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- HIGH
- cna@sap.com
- CWE-94
- Hype score
- Not currently trending
🚨 CVE-2025-23186 🔴 HIGH (8.5) 🏢 SAP_SE - SAP NetWeaver Application Server ABAP 🏗️ KRNL64NUC 7.22 🔗 https://t.co/CvTKNIW8tR 🔗 https://t.co/f5sXJgkGmG #CyberCron #VulnAlert #InfoSec https://t.co/5euXlPrKMG
@cybercronai
8 Apr 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
�� CVE-2025-23186 - SAP NetWeaver Application Server ABAP - HIGH 🚨 🗓️ Date published 2025-04-08 08:15:15 UTC #SAPNetWeaverApplicationServerABAP #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/WdDORqlG1s
@vulns_space
8 Apr 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes