CVE-2025-42994

Summary

SAP MDM Server ReadString function allows an attacker to send specially crafted packets which could trigger a memory read access violation in the server process that would then fail and exit unexpectedly causing high impact on availability with no impact on confidentiality and integrity of the application.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP MDM ServerMDM_SERVER 710.750affected

Weaknesses

  • CWE-590: CWE-590: Free of Memory not on the Heap

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References