CVE-2025-31330
published 2025-04-08

Priority: P268
Severity: critical
CVSS 3.1: 9.9
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.71% (49.0th percentile)

SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system.

Affected

4 ranges

Vendor    Product                         Version range    Fixed in
sap_se    sap_landscape_transformation
sap_se    sap_landscape_transformation
sap_se    sap_landscape_transformation
sap_se    sap_landscape_transformation

Detection & IOCs (extracted from sources)

  • CVE-2025-31330 is a code injection vulnerability in SAP Landscape Transformation (SLT) exploitable via a function module exposed through RFC, allowing injection of arbitrary ABAP code with only user-level privileges
  • CVE-2025-31330 is patched in the same out-of-band emergency update as CVE-2025-31324 and CVE-2025-27429; monitor for systems that applied only the regular April 8, 2025 SAP patch cycle as they remain unpatched
  • CVE-2025-31330 requires only standard user privileges (not admin/root) to exploit the vulnerable RFC-exposed function module in SAP SLT: a low privilege bar for full system compromise