← voltar
CVE-2026-27675

Code Injection vulnerability in SAP Landscape Transformation

CVSS 2 LOWEPSS 0.2%CWE-94
Vexday Risk Score
8Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 2EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
14 abr 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or degree. This leads to a low impact on integrity, while confidentiality and availability are not impacted.
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N
Produtos afetados
SAP_SE · SAP Landscape Transformation

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://me.sap.com/notes/3723097https://url.sap/sapsecuritypatchday