CVE-2025-42927

Summary

SAP NetWeaver AS Java application uses Adobe Document Service, installed with a vulnerable version of OpenSSL.Successful exploitation of known vulnerabilities in the outdated OpenSSL library would allow user with high system privileges to access and modify system information.This vulnerability has a low impact on confidentiality and integrity, with no impact on availability.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP NetWeaver AS Java (Adobe Document Service)ADSSAP 7.50affected

Weaknesses

  • CWE-1395: CWE-1395: Dependency on Vulnerable Third-Party Component

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References