What is CVE-2025-43010 — RCE in SAP S/4HANA Cloud Private Edition?

CVE-2025-43010 is a Remote Code Execution vulnerability in SAP S/4HANA Cloud Private Edition allowing authenticated attackers to replace ABAP programs, impacting integrity and availability.

How do I fix CVE-2025-43010 in SAP S/4HANA Cloud Private Edition?

Upgrade to SAP S/4HANA Cloud Private Edition version 700.0.1 or later. Implement stricter access controls as a temporary workaround.

Is CVE-2025-43010 being actively exploited?

There are currently no confirmed reports of active exploitation, but the vulnerability's potential impact warrants immediate attention.

Where can I find the official SAP advisory for CVE-2025-43010?

Refer to the official SAP Security Notes for detailed information and remediation steps. Check the SAP Support Portal for the latest advisory.

HIGHCVE-2025-43010CVSS 8.3

Vulnerabilidade de injeção de código no SAP S/4HANA Cloud Private Edition ou On Premise (Camada de Dados Mestre (MDL) SCM)

Q: Am I affected by CVE-2025-43010 in SAP S/4HANA Cloud Private Edition?

You are affected if you are using SAP S/4HANA Cloud Private Edition or On Premise (SCM Master Data Layer (MDL)) versions ≤700.

Plataforma

sap

Componente

sap-s-4hana-cloud-private-edition-or-on-premise-scm-master-data-layer-mdl

Vulnerabilidade de injeção de código no SAP S/4HANA Cloud Private Edition ou On Premise (Camada de Dados Mestre (MDL) SCM)

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigirtraduzindo…

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2025-43010 — RCE in SAP S/4HANA Cloud Private Edition?

Am I affected by CVE-2025-43010 in SAP S/4HANA Cloud Private Edition?

How do I fix CVE-2025-43010 in SAP S/4HANA Cloud Private Edition?

Is CVE-2025-43010 being actively exploited?

Where can I find the official SAP advisory for CVE-2025-43010?

Seu projeto está afetado?