CVE-2026-24326 – Missing authorization check in SAP S/4HANA Defense & Security (Disconnected Operations)

CVE ID : CVE-2026-24326

Published : Feb. 10, 2026, 3:04 a.m. | 1 hour, 17 minutes ago

Description : Due to a missing authorization check in the Disconnected Operations of the SAP S/4HANA Defense & Security, an attacker with user privileges could call remote-enabled function modules to do direct update on standard SAP database table . This results in low impact on integrity, with no impact on confidentiality or availability of the application.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…