CVE-2025-43003 – SAP S/4 HANA Configuration Privilege Escalation

CVE ID : CVE-2025-43003

Published : May 13, 2025, 1:15 a.m. | 1 hour, 26 minutes ago

Description : SAP S/4 HANA allows an authenticated attacker with user privileges to configure a field not intended for their access and create a custom UI layout displaying this field. On performing this step the attacker could gain access to highly sensitive information. This could cause a high impact on confidentiality and minimal impact on integrity and availability of the application.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…