SAP© Security Advisories - 06 2025 - Severity High

We've created the first of its kind, SecurityBridge Cloud Platform, designed to prioritize SAP patches, updates, and remediation strategies that help prevent disruptions to critical business systems. Our security advisories provide SAP users with valuable insights into the security and business implications of operating SAP.

The user interface is designed to be as intuitive as possible, but we’d love to hear your feedback and suggestions.
We hope you enjoy using it!

× Hey there! Glad you made it.
We have found 7 security advices for you to review.

Severity

SAP© Security advisories 7

System Types

Affected SAP© system types

_{Related note}
3609271

_CVSS
8.8

_{Affected system
type}
ABAP

_Patchday
2025-06

_{Released
on}
2025/06/10

Description
[CVE-2025-42982] Information Disclosure in SAP GRC (AC Plugin)

Security Advisory

_{Related note}
3474398

_CVSS
8.7

_{Affected system
type}
BI/BO platform

_Patchday
2025-06

_{Released
on}
2025/01/14

Description
[CVE-2025-0061] Multiple vulnerabilities in SAP BusinessObjects Business Intelligence Platform

Security Advisory

_{Related note}
3606484

_CVSS
8.5

_{Affected system
type}
ABAP

_Patchday
2025-06

_{Released
on}
2025/06/10

Description
[CVE-2025-42983] Missing Authorization check in SAP Business Warehouse and SAP Plug-In Basis

Security Advisory

_{Related note}
3560693

_CVSS
8.2

_{Affected system
type}
BI/BO platform

_Patchday
2025-06

_{Released
on}
2025/06/10

Description
[CVE-2025-23192] Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence (BI Workspace)

Security Advisory

_{Related note}
3591978

_CVSS
7.7

_{Affected system
type}
ABAP

_Patchday
2025-06

_{Released
on}
2025/05/13

Description
[CVE-2025-43011] Missing Authorization Check in SAP Landscape Transformation (PCL Basis)

Security Advisory

_{Related note}
3610591

_CVSS
7.6

_{Affected system
type}
ABAP

_Patchday
2025-06

_{Released
on}
2025/06/10

Description
[CVE-2025-42977] Directory Traversal vulnerability in SAP NetWeaver Visual Composer

Security Advisory

_{Related note}
3610006

_CVSS
7.5

_{Affected system
type}
SAP MDM Server

_Patchday
2025-06

_{Released
on}
2025/06/10

Description
[CVE-2025-42994] Multiple vulnerabilities in SAP MDM Server

Security Advisory

Notifications

Severity

SAP© Security advisories 7

System Types

Affected SAP© system types

Related note 3609271

CVSS 8.8

Affected system type ABAP

Patchday2025-06

Released on2025/06/10

Related note 3474398

CVSS 8.7

Affected system type BI/BO platform

Patchday2025-06

Released on2025/01/14

Related note 3606484

CVSS 8.5

Affected system type ABAP

Patchday2025-06

Released on2025/06/10

Related note 3560693

CVSS 8.2

Affected system type BI/BO platform

Patchday2025-06

Released on2025/06/10

Related note 3591978

CVSS 7.7

Affected system type ABAP

Patchday2025-06

Released on2025/05/13

Related note 3610591

CVSS 7.6

Affected system type ABAP

Patchday2025-06

Released on2025/06/10

Related note 3610006

CVSS 7.5

Affected system type SAP MDM Server

Patchday2025-06

Released on2025/06/10

_{Related note}
3609271

_CVSS
8.8

_{Affected system
type}
ABAP

_Patchday
2025-06

_{Released
on}
2025/06/10

_{Related note}
3474398

_CVSS
8.7

_{Affected system
type}
BI/BO platform

_Patchday
2025-06

_{Released
on}
2025/01/14

_{Related note}
3606484

_CVSS
8.5

_{Affected system
type}
ABAP

_Patchday
2025-06

_{Released
on}
2025/06/10

_{Related note}
3560693

_CVSS
8.2

_{Affected system
type}
BI/BO platform

_Patchday
2025-06

_{Released
on}
2025/06/10

_{Related note}
3591978

_CVSS
7.7

_{Affected system
type}
ABAP

_Patchday
2025-06

_{Released
on}
2025/05/13

_{Related note}
3610591

_CVSS
7.6

_{Affected system
type}
ABAP

_Patchday
2025-06

_{Released
on}
2025/06/10

_{Related note}
3610006

_CVSS
7.5

_{Affected system
type}
SAP MDM Server

_Patchday
2025-06

_{Released
on}
2025/06/10