High severity8.1NVD Advisory· Published Jul 8, 2025· Updated Apr 15, 2026

CVE-2025-42953

Description

SAP Netweaver System Configuration does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could completely compromise the integrity and availability with no impact on confidentiality of the system.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

me.sap.com/notes/3623440nvd
url.sap/sapsecuritypatchdaynvd

News mentions

No linked articles in our index yet.

cvss	0.526
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000