CVE-2025-42966

Publication date

2025-07-08 00:36:13

Family

sap

State

PUBLISHED

Description

SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an insecure Java deserialization vulnerability by sending a specially crafted serialized Java object. This could lead to high impact on confidentiality, integrity, and availability of the application.