CVE-2026-27675
Code Injection vulnerability in SAP Landscape Transformation
Vexday Risk Score
8Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 2EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
14 abr 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or degree. This leads to a low impact on integrity, while confidentiality and availability are not impacted.
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N
Productos afectados
SAP_SE · SAP Landscape Transformation¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →