REDLEGG BLOG

Emergency Security Bulletin: Multiple SAP NetWeaver Vulnerabilities

1/16/25 12:50 PM  |  by RedLegg's Cyber Threat Intelligence Team

About:

RedLegg occasionally communicates vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins cover vulnerabilities or threats that we classify at the highest severity level and that warrant out-of-band emergency patching or mitigation.


VULNERABILITIES

Improper Authentication in SAP NetWeaver ABAP Server and ABAP Platform

CVSS Score: 9.9 (Critical)
Identifier: CVE-2025-0070
Exploit or POC: No known public proof of concept has been reported.
Update: CVE-2025-0070 – SAP Security Advisory

Description: CVE-2025-0070 is a critical vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform. An authenticated attacker can bypass an improper authentication check to gain access beyond their own privileges, resulting in privilege escalation. Successful exploitation can severely impact the confidentiality, integrity, and availability of the affected systems.

Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the SAP Security Advisory. Immediate patching is recommended to prevent potential exploitation.


Information Disclosure Vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform

CVSS Score: 9.9 (Critical)
Identifier: CVE-2025-0066
Exploit or POC: No known public proof of concept has been reported.
Update: CVE-2025-0066 – SAP Security Advisory

Description: CVE-2025-0066 is a critical information disclosure vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform, specifically within the Internet Communication Framework (ICF). The flaw stems from weak access controls that let an attacker read information that should be restricted. Successful exploitation significantly compromises the confidentiality, integrity, and availability of the affected systems.

Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the SAP Security Advisory. Immediate patching is strongly recommended to protect systems from potential exploitation.


Improper Authorization in SAP NetWeaver AS ABAP and ABAP Platform

CVSS Score: 8.8 (High)
Identifier: CVE-2025-0063
Exploit or POC: No known public proof of concept has been reported.
Update: CVE-2025-0063 – SAP Security Advisory

Description: CVE-2025-0063 is a high-severity vulnerability in SAP NetWeaver AS ABAP and ABAP Platform. The flaw arises from missing authorization checks when certain Remote Function Call (RFC) function modules are executed. An attacker with only basic user privileges could exploit it to gain control over data in the Informix database, leading to a complete compromise of confidentiality, integrity, and availability.
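The bug class behind this entry, missing authorization checks in remote-enabled function modules, is worth seeing in code, because the same mistake is common in customer-written RFC modules that no SAP Note will ever fix. The following is an added illustration, not SAP's affected code and not RedLegg's: the function module Z_RFC_READ_CUSTOMER, the authorization object Z_CUSTREAD and its fields are hypothetical names chosen for this example, and the vulnerable version is a generic pattern, not a reconstruction of CVE-2025-0063.

```abap
FUNCTION z_rfc_read_customer.
*"----------------------------------------------------------------------
*"*"Local Interface:
*"  IMPORTING
*"     VALUE(IV_KUNNR) TYPE  KUNNR
*"  EXPORTING
*"     VALUE(ES_KNA1) TYPE  KNA1
*"  EXCEPTIONS
*"      NOT_AUTHORIZED
*"      NOT_FOUND
*"----------------------------------------------------------------------
* Vulnerable pattern (hypothetical example, missing authorization check).
* The module is flagged "Remote-Enabled" in SE37, so any user who passes
* the S_RFC check for this function group can call it. S_RFC only decides
* whether the call is allowed at all; it says nothing about which customer
* records the caller may read. With no AUTHORITY-CHECK here, the SELECT
* returns any customer master record to any caller with basic RFC rights.
  SELECT SINGLE * FROM kna1 INTO es_kna1 WHERE kunnr = iv_kunnr.
  IF sy-subrc <> 0.
    RAISE not_found.
  ENDIF.
ENDFUNCTION.


FUNCTION z_rfc_read_customer_fixed.
*"----------------------------------------------------------------------
*"*"Local Interface:
*"  IMPORTING
*"     VALUE(IV_KUNNR) TYPE  KUNNR
*"  EXPORTING
*"     VALUE(ES_KNA1) TYPE  KNA1
*"  EXCEPTIONS
*"      NOT_AUTHORIZED
*"      NOT_FOUND
*"----------------------------------------------------------------------
* Hardened pattern: check the business authorization inside the module,
* before any data access, and fail closed. Z_CUSTREAD is a hypothetical
* authorization object (assumed to be defined in SU21) with the fields
* ACTVT and KUNNR; activity '03' is the standard value for "display".
  AUTHORITY-CHECK OBJECT 'Z_CUSTREAD'
           ID 'ACTVT' FIELD '03'
           ID 'KUNNR' FIELD iv_kunnr.
  IF sy-subrc <> 0.
    " Deny before the lookup so the caller cannot learn whether
    " the customer number exists.
    RAISE not_authorized.
  ENDIF.

  SELECT SINGLE * FROM kna1 INTO es_kna1 WHERE kunnr = iv_kunnr.
  IF sy-subrc <> 0.
    RAISE not_found.
  ENDIF.
ENDFUNCTION.
```

The point a practitioner should take from this is that the RFC authorization object S_RFC is a gate on the call, not on the data, so every remote-enabled module must perform its own AUTHORITY-CHECK on the business object it touches and act on sy-subrc. Applying the SAP Note fixes SAP's own modules; custom Z/Y remote-enabled modules should be reviewed for the same pattern, for example with static analysis such as SAP Code Vulnerability Analyzer, which can flag remote-enabled modules that contain no authorization check.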

Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the SAP Security Advisory. Immediate patching is recommended to prevent potential exploitation.


Information Disclosure Vulnerability in SAP BusinessObjects Business Intelligence Platform

CVSS Score: 8.7 (High)
Identifier: CVE-2025-0061
Exploit or POC: No known public proof of concept has been reported.
Update: CVE-2025-0061 – SAP Security Advisory

Description: CVE-2025-0061 is an information disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform. The flaw allows an unauthenticated attacker to hijack a user session over the network without any user interaction, potentially granting read and write access to all data within the application.

Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the SAP Security Advisory. Immediate patching is recommended to prevent potential exploitation.
