Description

SAP NetWeaver Application Server ABAP (BIC Document) allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. On successful exploitation, this results in the crash of the target component. Multiple submissions can make the target completely unavailable. A similarly crafted submission can be used to perform an out-of-bounds read operation as well, revealing sensitive information that is loaded in memory at that time. There is no ability to modify any information.

INFO

Published Date :

2025-08-12T02:10:06.835Z

Last Modified :

2025-08-13T20:19:41.155Z

Source :

sap
AFFECTED PRODUCTS

The following products are affected by CVE-2025-42976 vulnerability.

Vendors Products
Sap
  • Netweaver
  • Netweaver Application Server For Abap
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-42976.

URL Resource
https://me.sap.com/notes/3611184 cve-icon cve-icon
https://url.sap/sapsecuritypatchday cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact