{"id":226807,"date":"2025-12-10T01:35:03","date_gmt":"2025-12-10T07:35:03","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/12\/sap-fixes-three-critical-vulnerabilities-across-multiple-products"},"modified":"2025-12-10T01:35:03","modified_gmt":"2025-12-10T07:35:03","slug":"sap-fixes-three-critical-vulnerabilities-across-multiple-products","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/12\/sap-fixes-three-critical-vulnerabilities-across-multiple-products","title":{"rendered":"SAP fixes three critical vulnerabilities across multiple products"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/sap-fixes-three-critical-vulnerabilities-across-multiple-products.jpg\"><\/a><\/p>\n<p>SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three critical-severity flaws.<\/p>\n<p>The most severe (CVSS score: 9.9) of all the issues is <a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2025-42880\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025\u201342880<\/a>, a code injection problem impacting SAP Solution Manager ST 720.<\/p>\n<p>\u201cDue to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module,\u201d reads the flaw\u2019s description.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three critical-severity flaws. The most severe (CVSS score: 9.9) of all the issues is CVE-2025\u201342880, a code injection problem impacting SAP Solution Manager ST 720. \u201cDue to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1492],"tags":[],"class_list":["post-226807","post","type-post","status-publish","format-standard","hentry","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/226807","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=226807"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/226807\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=226807"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=226807"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=226807"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}