SAP Products Multiple Vulnerabilities

Release Date: 12 Nov 2025

RISK: Medium Risk

TYPE: Clients - Productivity Products

Multiple vulnerabilities were identified in SAP Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure and data manipulation on the targeted system.

---

Impact

• Remote Code Execution
• Denial of Service
• Information Disclosure
• Elevation of Privilege
• Data Manipulation

---

System / Technologies affected

Please refer to the link below for detail:

• https://support.sap.com/en/my-support/knowledge-base/security-notes-news/november-2025.html

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://support.sap.com/en/my-support/knowledge-base/security-notes-news/november-2025.html

---

Vulnerability Identifier

• CVE-2025-23191
• CVE-2025-42882
• CVE-2025-42883
• CVE-2025-42884
• CVE-2025-42885
• CVE-2025-42886
• CVE-2025-42887
• CVE-2025-42888
• CVE-2025-42889
• CVE-2025-42890
• CVE-2025-42892
• CVE-2025-42893
• CVE-2025-42894
• CVE-2025-42895
• CVE-2025-42897
• CVE-2025-42899
• CVE-2025-42919
• CVE-2025-42924
• CVE-2025-42940
• CVE-2025-42944

---

Source

• SAP

---

Related Link

• https://support.sap.com/en/my-support/knowledge-base/security-notes-news/november-2025.html