CVE-2023-32113
published 2023-05-09CVE-2023-32113: SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a…
critical9.3CVSS 3.1
AVNACLPRNUIRSCCHIHAN
SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | gui_for_windows | < 7.70 | 7.70 |
| sap | gui_for_windows | — | — |
| sap | gui_for_windows | — | — |
| sap_se | sap_gui_for_windows | <= 7.70 | — |
| sap_se | sap_gui_for_windows | 7.70 PL0 – 7.70 PL11 | — |
| sap_se | sap_gui_for_windows | 8.00 PL0 – 8.00 PL1 | — |