Security Advisory

CVE-2025-42928

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-09 02:15:45

Last updated 2026-02-26 16:57:09

Assigner sap

State PUBLISHED

Description

Under certain conditions, a high privileged user could exploit a deserialization vulnerability in SAP jConnect to launch remote code execution. The system may be vulnerable when specially crafted input is used to exploit the vulnerability resulting in high impact on confidentiality, integrity and availability of the system.

← Browse all CVEs View on cve.org ↗