Platform
sap
Component
sap-landscape-transformation
Fixed in
2011.0.1
2011.0.1
2011.0.1
2011.0.1
2011.0.1
2020.0.1
4.0.1
103.0.1
104.0.1
105.0.1
106.0.1
107.0.1
108.0.1
109.0.1
CVE-2026-27675 affects SAP Landscape Transformation, a tool used for system migrations and landscape consolidation. This vulnerability allows a high-privileged adversary to inject arbitrary ABAP code and operating system commands through an RFC-exposed function module. Affected versions include 20111700–S4CORE 102, and a patch is expected to be released by SAP. The vulnerability's impact is primarily on data integrity.
The vulnerability lies in an RFC-exposed function module within SAP Landscape Transformation. A successful exploit allows an attacker with elevated privileges to inject arbitrary ABAP code and operating system commands. While the attacker doesn't gain full control, they can potentially modify information stored within the system. This could lead to data corruption, unauthorized changes to configurations, or disruption of business processes. The impact is considered low due to the requirement of high privileges and the limited scope of potential modifications, but the potential for data integrity compromise should not be underestimated.
CVE-2026-27675 was publicly disclosed on 2026-04-14. The vulnerability has a CVSS score of 2.0 (LOW). There are currently no publicly available proof-of-concept exploits. It is not listed on the CISA KEV catalog at the time of this writing. Exploitation would likely require a sophisticated attacker with deep knowledge of SAP systems and RFC protocols.
Organizations heavily reliant on SAP Landscape Transformation for system migrations and landscape consolidation are at risk. Specifically, environments with poorly configured access controls or users with excessive privileges within SAP systems are particularly vulnerable. Those running the affected version (20111700–S4CORE 102) are directly exposed.
• linux / server:
journalctl -u saprouter | grep RFC
• generic web:
curl -I <rfc_endpoint>
• database (mysql, redis, mongodb, postgresql): (Not applicable, as this is a SAP application-level vulnerability)
• windows / supply-chain: (Not applicable, as this is a SAP application-level vulnerability)
• wordpress / composer / npm: (Not applicable, as this is a SAP application-level vulnerability)
disclosure
Exploit Status
EPSS
0.03% (8th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-27675 is to upgrade to a patched version of SAP Landscape Transformation as soon as it becomes available from SAP. In the interim, organizations should implement restrictive Web Application Firewall (WAF) rules to limit access to the vulnerable RFC function module. Specifically, restrict access based on IP address or user roles. Regularly review RFC access logs for suspicious activity. Consider implementing stricter authentication and authorization controls for users with administrative privileges within SAP Landscape Transformation.
Apply the security patch provided by SAP (3723097) to mitigate the code injection vulnerability in SAP Landscape Transformation. Check the SAP documentation for detailed instructions on applying the patch and for the specific versions affected. See the SAP Security Patch Day for additional information.
CVE-2026-27675 is a low severity vulnerability in SAP Landscape Transformation allowing high-privileged attackers to inject ABAP code and OS commands, potentially modifying information. It affects versions 20111700–S4CORE 102.
You are affected if you are running SAP Landscape Transformation version 20111700–S4CORE 102 and have not yet applied the security patch.
The recommended fix is to upgrade to a patched version of SAP Landscape Transformation as soon as it becomes available. In the interim, implement WAF rules to restrict RFC access.
As of the current disclosure date, there are no publicly available proof-of-concept exploits or confirmed active exploitation campaigns.
Refer to the official SAP Security Notes for details and updates regarding CVE-2026-27675. Check the SAP Support Portal for the latest information.