CVE-2026-27675Code Injection in SE SAP Landscape Transformation

CWE-94Code Injection3 documents3 sources
Severity
2.0LOWNVD
EPSS
0.0%
top 92.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP SE SAP Landscape Transformation
Timeline
PublishedApr 14

Description

SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or degree. This leads to a low impact on integrity, while confidentiality and availability are not impacted.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:NExploitability: 0.5 | Impact: 1.4

Affected Packages1 packages

CVEListV5sap_se/sap_landscape_transformation14 versions+13

🔴Vulnerability Details

2
GHSA
GHSA-rqv3-6h29-j2m3: SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitra2026-04-14
CVEList
Code Injection vulnerability in SAP Landscape Transformation2026-04-14
CVE-2026-27675 — Code Injection | cvebase