CVE-2025-43005 Information

Description

SAP GUI for Windows allows an unauthenticated attacker to exploit insecure obfuscation algorithms used by the GuiXT application to store user credentials. While this issue does not impact the Integrity or Availability of the application it may have a Low impact on the Confidentiality of data.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Reference

https://me.sap.com/notes/3574520 https://url.sap/sapsecuritypatchday https://url.sap/sapsecuritypatchday

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

NONE

Base Score

NONE

Base Severity

4.3