- Description
- SAP NetWeaver Application Server for ABAP and ABAP Platform allows an authenticated attacker to obtain illegitimate access to the system by exploiting improper authentication checks, resulting in privilege escalation. On successful exploitation, this can result in potential security concerns. This results in a high impact on confidentiality, integrity, and availability.
- Source
- cna@sap.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 9.9
- Impact score
- 6
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- cna@sap.com
- CWE-287
- Hype score
- Not currently trending
#Vulnerability #CVE20250061 Critical SAP Flaws Revealed: CVE-2025-0070 and CVE-2025-0066 with CVSS 9.9 Demand Immediate Action https://t.co/IqaexWtlW3
@Komodosec
7 Feb 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📣 SAP Security Patch Day – January 2025 📣 Ocak ayı güvenlik yamaları ile ilgili Sap notları yayınlandı! CVSS skoru 9.9/10 olanlar 3537476 - [CVE-2025-0070] 3550708 - [CVE-2025-0066] #basisci #sap #security #sapbasis #basis #sapsolutions #sapnews #SAPSecurityPatchDay https
@basiscicom
22 Jan 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0066 CVE-2025-0070 Multiple SAP NetWeaver Application Server for ABAP Platforms allowing authenticated attacker to obtain illegitimate access by exploiting improper auth checks, resulting in privilege escalations Base 9.9, Impact 6.0, Network https://t.co/ZQ7rKnnpkJ
@vFeed_IO
22 Jan 2025
80 Impressions
0 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
Security Bulletin: Multiple SAP NetWeaver Vulnerabilities - CVE-2025-0070; CVE-2025-0066; CVE-2025-0063; CVE-2025-0061 - Please update to the latest software versions as listed in the SAP Security Advisory #RedLeggCTI #ThreatIntel #SAP https://t.co/rVIAVTKdSj
@RedLegg
16 Jan 2025
6 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
SAP Güvenlik Açıkları: CVE-2025-0070 ve CVE-2025-0066 – Kritik Düzeyde Tehditler! https://t.co/QZbGuzb34Z
@cyberwebeyeos
14 Jan 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SAP’s Patch Day Pile-Up: Critical Bugs, Hot Fixes, and a Dash of SQL Drama! Hot Take: In the ever-thrilling world of cybersecurity, SAP's January 2025 Patch Day comes in like a superhero with 14 capes, ready to save the day from villains with names like CVE-2025-0070. Who knew…
@TheNimbleNerd
14 Jan 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SAP’s Patch Day Pile-Up: Critical Bugs, Hot Fixes, and a Dash of SQL Drama! Hot Take: In the ever-thrilling world of cybersecurity, SAP's January 2025 Patch Day comes in like a superhero with 14 capes, ready to save the day from villains with names like CVE-2025-0070. Who knew…
@TheNimbleNerd
14 Jan 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0070 Privilege Escalation in SAP NetWeaver via Improper Authentication ... https://t.co/xbFIfkTCRy Vulnerability Alert Subscriptions: https://t.co/hrQhy5uz4x
@VulmonFeeds
14 Jan 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-0070: CRITICAL] Improper authentication checks in SAP NetWeaver ABAP lead to privilege escalation, posing high risks to system security - impacting confidentiality, integrity, and availability.#cybersecurity,#vulnerability https://t.co/w90wECiRQj https://t.co/Wy63hUpYuY
@CveFindCom
14 Jan 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes