CVE-2025-42953

Published Jul 8, 2025

Last updated 10 days ago

CVSS high 8.1

Overview

Description
SAP Netweaver System Configuration does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could completely compromise the integrity and availability with no impact on confidentiality of the system.
Source
cna@sap.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
8.1
Impact score
5.2
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Severity
HIGH

Weaknesses

cna@sap.com
CWE-862

Social media

Hype score
Not currently trending

  1. CVE-2025-42953 (CVSS:8.1, HIGH) is Awaiting Analysis. SAP Netweaver System Configuration does not perform necessary authorization checks for an authenticated user, resulting ..https://t.co/vteyWb2u4w #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    13 Jul 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.