SAP-3554667 — Vulnetix

SAP-3554667 PUBLISHED

Mixed Dynamic RFC Destination vulnerability through Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP Product: SAP NetWeaver Application Server ABAP, Versions - KRNL64NUC 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT, 7.53, KERNEL 7.22, 7.53, 7.54, 7.77, 7.89, 7.93 Severity: High (CVSS 8.5)

Timeline

Jan 1, 2025 CVE Published

References

Mixed Dynamic RFC Destination vulnerability through Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP advisory
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/bulletin-2025.html advisory
https://www.cve.org/CVERecord?id=CVE-2025-23186 advisory

Open in Interactive Console →