通过远程函数调用 (RFC) 在 SAP NetWeaver Application Server ABAP 中存在混合动态 RFC 目标漏洞
平台
sap
组件
sap-netweaver-application-server-abap
修复版本
64.0.1
7.22.1
64.0.1
7.53.1
7.22.1
7.54.1
7.77.1
7.89.1
7.93.1
CVE-2025-23186 describes a Remote Function Call (RFC) vulnerability in SAP NetWeaver Application Server ABAP. This flaw allows an authenticated attacker to craft malicious RFC requests, potentially exposing credentials for remote services. The vulnerability impacts versions of SAP NetWeaver Application Server ABAP up to and including KRNL64UC 7.22. A patch is available from SAP to address this issue.
影响与攻击场景翻译中…
Successful exploitation of CVE-2025-23186 can lead to a complete compromise of the targeted remote service. By crafting a specific RFC request, an attacker can bypass security controls and obtain credentials that would otherwise be inaccessible. These credentials can then be leveraged to gain unauthorized access, modify data, or disrupt service operations. The potential impact extends beyond the immediate application, as compromised credentials could be used for lateral movement within the SAP environment and potentially to other connected systems. This vulnerability shares similarities with other RFC-based privilege escalation attacks, highlighting the importance of strict access controls and input validation.
利用背景翻译中…
CVE-2025-23186 was publicly disclosed on April 8, 2025. Exploitation probability is currently assessed as medium, given the authentication requirement and the need for crafting specific RFC requests. Public proof-of-concept exploits are not yet widely available, but the vulnerability's nature suggests it could be readily exploited once a PoC is released. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns.
哪些人处于风险中翻译中…
Organizations heavily reliant on SAP NetWeaver Application Server ABAP for critical business processes are particularly at risk. Environments with weak access controls or inadequate network segmentation are also more vulnerable. Shared hosting environments where multiple tenants share the same SAP instance should be carefully assessed for potential cross-tenant exposure.
检测步骤翻译中…
• linux / server:
journalctl -u sapstartsrv | grep RFC• generic web:
curl -I <rfc_endpoint>• database (mysql, redis, mongodb, postgresql): N/A - This vulnerability is not directly related to database systems. • windows / supply-chain: N/A - This vulnerability is not directly related to Windows systems. • wordpress / composer / npm: N/A - This vulnerability is not directly related to web application frameworks.
攻击时间线
- Disclosure
disclosure
威胁情报
漏洞利用状态
EPSS
0.21% (43% 百分位)
CISA SSVC
CVSS 向量
这些指标意味着什么?
- Attack Vector
- 网络 — 可通过互联网远程利用,无需物理或本地访问。攻击面最大。
- Attack Complexity
- 高 — 需要竞态条件、非默认配置或特定情况。难以可靠利用。
- Privileges Required
- 低 — 任何有效用户账户均可。
- User Interaction
- 无 — 攻击自动且无声,受害者无需任何操作。
- Scope
- 已改变 — 攻击可以超出脆弱组件,影响其他系统。
- Confidentiality
- 高 — 完全丧失机密性,攻击者可读取所有数据。
- Integrity
- 高 — 攻击者可写入、修改或删除任何数据。
- Availability
- 高 — 完全崩溃或资源耗尽,完全拒绝服务。
受影响的软件
弱点分类 (CWE)
时间线
- 已保留
- 发布日期
- 修改日期
- EPSS 更新日期
缓解措施和替代方案翻译中…
The primary mitigation for CVE-2025-23186 is to upgrade to a patched version of SAP NetWeaver Application Server ABAP. Refer to the official SAP security note for the specific fixed version. If immediate patching is not feasible, consider implementing stricter access controls on RFC destinations to limit the potential attack surface. Implement network segmentation to restrict access to RFC services from untrusted networks. Monitor RFC activity for suspicious patterns and unauthorized access attempts. After upgrading, verify the fix by attempting to trigger the vulnerable RFC call with a modified request and confirming that the authentication mechanism remains secure.
修复方法翻译中…
Aplique las actualizaciones o parches proporcionados por SAP para corregir la vulnerabilidad de llamada a función remota (RFC) en SAP NetWeaver Application Server ABAP. Consulte la nota SAP 3554667 para obtener más detalles e instrucciones específicas sobre cómo aplicar la solución.
CVE 安全通讯
漏洞分析和关键警报直接发送到您的邮箱。
常见问题翻译中…
What is CVE-2025-23186 — RFC Credential Exposure in SAP NetWeaver?
CVE-2025-23186 is a HIGH severity vulnerability in SAP NetWeaver Application Server ABAP allowing authenticated attackers to expose credentials via crafted RFC requests, potentially leading to remote service compromise.
Am I affected by CVE-2025-23186 in SAP NetWeaver?
You are affected if you are running SAP NetWeaver Application Server ABAP versions up to and including KRNL64UC 7.22. Check your version and apply the recommended patch.
How do I fix CVE-2025-23186 in SAP NetWeaver?
Upgrade to a patched version of SAP NetWeaver Application Server ABAP as specified in the official SAP security note. Implement stricter access controls and network segmentation as interim measures.
Is CVE-2025-23186 being actively exploited?
While no confirmed active exploitation campaigns have been publicly reported, the vulnerability's nature suggests it could be readily exploited once a proof-of-concept is released. Monitoring is advised.
Where can I find the official SAP advisory for CVE-2025-23186?
Refer to the official SAP Security Notes published on the SAP Support Portal for detailed information and the corresponding patch: [https://www.sap.com/security/support.html](https://www.sap.com/security/support.html)