CVE-2026-27675 — Vulnetix

CVE-2026-27675 PUBLISHED CVSS 2 LOW

SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or degree. This leads to a low impact on integrity, while confidentiality and availability are not impacted.

Risk Scores

CVSS v3.1

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N

Affected Products

Vendor	Product	Versions
SAP_SE	SAP Landscape Transformation	DMIS 2011_1_700, 2011_1_710, 2011_1_730

Timeline

Apr 14, 2026 CVE Published
Apr 14, 2026 Security Advisory
Apr 17, 2026 CVE Updated

References

https://me.sap.com/notes/3723097 url
https://url.sap/sapsecuritypatchday url
https://nvd.nist.gov/vuln/detail/CVE-2026-27675 advisory
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/april-2026.html advisory

Open in Interactive Console →