Primary

Context

SAP NetWeaver and ABAP Platform Memory Corruption Vulnerability Allowing Confidentiality Leakage

Vulnerability

A vulnerability exists in SAP NetWeaver and ABAP Platform (Application Server ABAP) due to improper memory management. An authenticated attacker could exploit logical errors by sending specially crafted input with unique characters that are incorrectly processed. This exploitation may lead to memory corruption and the unintentional leakage of memory contents. While the vulnerability could allow for some confidentiality loss, it does not impact the application's integrity or availability.

Impact

Exploitation of this vulnerability could result in memory corruption and the unauthorized leakage of memory contents, potentially exposing sensitive information.

Remediation

Security fixes for this vulnerability will be included in the SAP Security Patch Day updates. The next scheduled SAP Security Patch Day is on March 10, 2026.

Added: Feb 10, 2026, 7:22 AM

Updated: Feb 10, 2026, 7:22 AM

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

0.6

exploitability

5.2

remediation

6.0

relevance

3.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

0.6

exploitability

5.2

remediation

6.0

relevance

3.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP NetWeaver and ABAP Platform Memory Corruption Vulnerability Allowing Confidentiality Leakage

Vulnerability

Impact

Remediation

Affected Products

SAP NetWeaver

SAP ABAP Platform

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating