CVE-2025-0070CRITICAL 9.9EPSS p47.4%

CVE-2025-0070CVE-2025-0070

Description

SAP NetWeaver Application Server for ABAP and ABAP Platform allows an authenticated attacker to obtain illegitimate access to the system by exploiting improper authentication checks, resulting in privilege escalation. On successful exploitation, this can result in potential security concerns. This results in a high impact on confidentiality, integrity, and availability.

Scoring

CVSS 3.19.9 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS0.68% probability of exploitation · percentile 47.4% · 2026-06-18T12:00:27Z
Published2025-01-14
Last modified2026-04-15

Underlying weaknesses· 1

CWE-287

References

  1. https://me.sap.com/notes/3537476
  2. https://url.sap/sapsecuritypatchday

1

TypeTargetConfidenceTier
WeaknessImproper Authenticationcwe-2870%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-0066
CVE
CVE-2025-42953
CVE
CVE-2026-24310
CVE
CVE-2025-0063
CVE
CVE-2025-26661
CVE
CVE-2025-42958
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.