CVE-2025-42929 HIGH

CVE-2025-42929: Missing input validation vulnerability in SAP Landscape Transformation Replication Server

Vendor Sap_Se
Product SAP Landscape Transformation Replication Server
Weakness CWE-1287
Published September 9, 2025
Last update September 9, 2025

CVSS base score

8.1/10
Attack vector Adjacent
Attack complexity Low
Privileges required High
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H

What the vulnerability does

01Description

Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database.

Key dates

02Disclosure timeline

September 9, 2025 CVE published
September 9, 2025 Record updated