1. Home
  2. CVE Database
  3. CVE-2025-42950
CRITICAL · 9.9

CVE-2025-42950

SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code int...

Vulnerability Description

SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system.

CVSS Score

9.9

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Related Weaknesses (CWE)

CWE-94

References

FAQ

What is CVE-2025-42950?

CVE-2025-42950 is a vulnerability with a CVSS score of 9.9 (CRITICAL). SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code int...

How severe is CVE-2025-42950?

CVE-2025-42950 has been rated CRITICAL with a CVSS base score of 9.9/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2025-42950?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.