1. Home
  2. CVE Database
  3. CVE-2025-42979
MEDIUM · 5.6

CVE-2025-42979

The GuiXT application, which is integrated with SAP GUI for Windows, uses obfuscation algorithms instead of secure symmetric ciphers for storing the credentials of an RFC user on the client PC. This l...

Vulnerability Description

The GuiXT application, which is integrated with SAP GUI for Windows, uses obfuscation algorithms instead of secure symmetric ciphers for storing the credentials of an RFC user on the client PC. This leads to a high impact on confidentiality because any attacker who gains access to the user hive of this user�s windows registry could recreate the original password. There is no impact on integrity or availability of the application

CVSS Score

5.6

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Related Weaknesses (CWE)

CWE-922

References

FAQ

What is CVE-2025-42979?

CVE-2025-42979 is a vulnerability with a CVSS score of 5.6 (MEDIUM). The GuiXT application, which is integrated with SAP GUI for Windows, uses obfuscation algorithms instead of secure symmetric ciphers for storing the credentials of an RFC user on the client PC. This l...

How severe is CVE-2025-42979?

CVE-2025-42979 has been rated MEDIUM with a CVSS base score of 5.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-42979?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.