CVE-2025-42943

SAP GUI for Windows may allow the leak of NTML hashes when specific ABAP frontend services are called with UNC paths. For a successful attack, the attacker needs developer authorization in a specific Application Server ABAP to make changes in the code, and the victim needs to execute by using SAP GUI for Windows. This could trigger automatic NTLM authentication, potentially exposing hashed credentials to an attacker. As a result, it has a high impact on the confidentiality.

CVSS v3 4.5 MEDIUM

4.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://me.sap.com/notes/3627845
https://url.sap/sapsecuritypatchday

Configurations

No configuration.

History

12 Aug 2025, 14:25

Type	Values Removed	Values Added
Summary		(es) SAP GUI para Windows puede permitir la filtración de hashes NTML al llamar a servicios frontend ABAP específicos con rutas UNC. Para que un ataque tenga éxito, el atacante necesita la autorización del desarrollador en un servidor de aplicaciones ABAP específico para realizar cambios en el código, y la víctima debe ejecutarlos mediante SAP GUI para Windows. Esto podría activar la autenticación NTLM automática, lo que podría exponer las credenciales con hashes a un atacante. Por lo tanto, tiene un gran impacto en la confidencialidad.

12 Aug 2025, 03:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-12 03:15

Updated : 2025-08-12 14:25

NVD link : CVE-2025-42943

Mitre link : CVE-2025-42943

CVE.ORG link : CVE-2025-42943

JSON object : View

Products Affected

No product.

CWE

CWE-250

Execution with Unnecessary Privileges

4.5 /10