CVE-2025-42937
Published: 14 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-42937, published on 2025-10-14, affects the SAP Print Service (SAPSprint) component. The vulnerability arises from insufficient validation of path information provided by users, enabling path traversal as described by CWE-35. This allows attackers to access the parent directory and overwrite system files, with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting critical severity due to high impacts on confidentiality, integrity, and availability.
An unauthenticated attacker can exploit this vulnerability remotely over the network, requiring low complexity, no privileges, and no user interaction. Successful exploitation enables overwriting of system files, potentially compromising the application's security posture across all CIA triad aspects.
SAP advisories address mitigation via security note 3630595 at https://me.sap.com/notes/3630595, released as part of SAP Security Patch Day documented at https://url.sap/sapsecuritypatchday. Practitioners should review and apply these patches to affected SAP Print Service instances.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is a path traversal in SAP Print Service allowing unauthenticated remote attackers to overwrite system files, directly enabling exploitation of a public-facing application.