CVE-2025-30012

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-30012

10.0 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

T

he Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in deserialization of data in the application leading to execution of arbitrary OS command on target as SAP Administrator. This vulnerability has High impact on confidentiality, integrity, and availability of the application.

References
Link Resource
https://me.sap.com/notes/3578900 Permissions Required
https://url.sap/sapsecuritypatchday Not Applicable
Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:supplier_relationship_management:7.14:*:*:*:*:*:*:*
History

23 Oct 2025, 16:52

Type Values Removed Values Added
CPE cpe:2.3:a:sap:supplier_relationship_management:7.14:*:*:*:*:*:*:*
First Time Sap
Sap supplier Relationship Management
References () https://me.sap.com/notes/3578900 - () https://me.sap.com/notes/3578900 - Permissions Required
References () https://url.sap/sapsecuritypatchday - () https://url.sap/sapsecuritypatchday - Not Applicable

07 Jul 2025, 15:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 3.9 		v2 : unknown
v3 : 10.0
Summary (en) The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM stack to accept binary Java objects in specific encoding format. On successful exploitation, an authenticated attacker with high privileges could send malicious payload request and receive an outbound DNS request, resulting in deserialization of data in the application. This vulnerability has low impact on confidentiality, integrity and availability of the application. (en) The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in deserialization of data in the application leading to execution of arbitrary OS command on target as SAP Administrator. This vulnerability has High impact on confidentiality, integrity, and availability of the application.

13 May 2025, 19:35

Type Values Removed Values Added
Summary
  • (es) Live Auction Cockpit de SAP Supplier Relationship Management (SRM) utiliza un componente de applet de Java obsoleto dentro de la pila SRM afectada para aceptar objetos binarios de Java en un formato de codificación específico. Si se explota con éxito, un atacante autenticado con privilegios elevados podría enviar una solicitud de payload malicioso y recibir una solicitud DNS saliente, lo que provocaría la deserialización de los datos en la aplicación. Esta vulnerabilidad tiene un impacto bajo en la confidencialidad, la integridad y la disponibilidad de la aplicación.

13 May 2025, 01:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-05-13 01:15

Updated : 2025-10-23 16:52

NVD link : CVE-2025-30012

Mitre link : CVE-2025-30012

CVE.ORG link : CVE-2025-30012

JSON object : View

Products Affected

sap

CWE
CWE-502

Deserialization of Untrusted Data