VYPR

SAPSetup

by SAP

CVEs (3)

  • CVE-2025-0069HigJan 14, 2025
    risk 0.51cvss 7.8epss 0.00

    Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or with access to a compromised corporate user�s Windows account could gain higher privileges. With this, he could move laterally within the network and further compromise the active…

  • CVE-2023-29187Apr 11, 2023
    risk 0.00cvss epss 0.00

    A Windows user with basic user authorization can exploit a DLL hijacking attack in SapSetup (Software Installation Program) - version 9.0, resulting in a privilege escalation running code as administrator of the very same Windows PC. A successful attack depends on various…

  • CVE-2021-27608Apr 14, 2021
    risk 0.00cvss epss 0.00

    An unquoted service path in SAPSetup, version - 9.0, could lead to privilege escalation during the installation process that is performed when an executable file is registered. This could further lead to complete compromise of confidentiality, Integrity and Availability.