CVE-2026-44747

Summary

SAP NetWeaver Application Server ABAP allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could lead to unauthorized data access, modification, or system unavailability. This has high impact on confidentiality, integrity, and availability of the application.

Affected Software

VendorProductVersion RangeStatus
SAP_SESAP NetWeaver Application Server ABAPKRNL64NUC 7.22affected
SAP_SESAP NetWeaver Application Server ABAP7.22EXTaffected
SAP_SESAP NetWeaver Application Server ABAPKRNL64UC 7.22affected
SAP_SESAP NetWeaver Application Server ABAP7.53affected
SAP_SESAP NetWeaver Application Server ABAPKERNEL 7.22affected
SAP_SESAP NetWeaver Application Server ABAP7.53. 7.54affected
SAP_SESAP NetWeaver Application Server ABAP7.77affected
SAP_SESAP NetWeaver Application Server ABAP7.89affected
SAP_SESAP NetWeaver Application Server ABAP7.93affected
SAP_SESAP NetWeaver Application Server ABAP9.16affected
SAP_SESAP NetWeaver Application Server ABAP9.18affected
SAP_SESAP NetWeaver Application Server ABAP9.19affected
SAP_SESAP NetWeaver Application Server ABAP9.20affected

Weaknesses

  • CWE-787: CWE-787: Out-of-bounds Write

References