- Description
- SAP GUI for Windows & RFC service credentials are incorrectly stored in the memory of the program allowing an unauthenticated attacker to access information within systems, resulting in privilege escalation. On successful exploitation, this could result in disclosure of highly sensitive information. This has no impact on integrity, and availability.
- Source
- cna@sap.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 6
- Impact score
- 4
- Exploitability score
- 1.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
- Severity
- MEDIUM
- cna@sap.com
- CWE-921
- Hype score
- Not currently trending
🚨 CVE-2025-24870 🟠 MEDIUM (6) 🏢 SAP_SE - SAP GUI for Windows 🏗️ BC-FES-GUI 8.00 🔗 https://t.co/oHrVVSJay1 🔗 https://t.co/f5sXJgkGmG #CyberCron #VulnAlert https://t.co/wqqct84qMm
@cybercronai
12 Feb 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24870 SAP GUI for Windows & RFC service credentials are incorrectly stored in the memory of the program allowing an unauthenticated attacker to access information within sy… https://t.co/yIiJtTHRV5
@CVEnew
11 Feb 2025
304 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes