Impact
A missing authorization check in SAP ERP Central Component and SAP S/4HANA (SAP EHS Management) allows an attacker to read hard-coded clear-text credentials and bypass password authentication by manipulating user parameters. Successful exploitation lets the attacker access, modify, or delete change pointer information in EHS objects, which can in turn influence downstream systems that consume those change pointers. The vulnerability is assessed as having low impact on confidentiality and integrity, and no effect on availability.
Affected Systems
The affected vendor is SAP SE, and the affected products are SAP ERP Central Component and SAP S/4HANA (SAP EHS Management). Specific version numbers are not provided in the current data, so a vulnerability assessment should cover all deployed instances of these products that may contain the exposed credentials.
Risk and Exploitability
The CVSS base score of 6.4 categorizes this issue as medium severity. The EPSS score of less than 1% indicates a very low probability of active exploitation at present, and the issue is not listed in the CISA KEV catalog. The likely attack vector is manipulation of user parameters that the application does not adequately authorize; such a vector typically requires the attacker to already hold some user or process access capable of altering those parameters. Once the check is bypassed, the attacker gains read/write privileges over the affected EHS data structures.
OpenCVE Enrichment