Description
SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system.
Published: 2026-03-10
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability in SAP NetWeaver Enterprise Portal Administration allows a privileged user to upload arbitrary content that, when deserialized, may compromise the confidentiality, integrity, and availability of the host system. The insecure deserialization flaw (CWE‑502) can enable an attacker to execute arbitrary code or otherwise manipulate the application state, leading to high‑impact system compromise.

Affected Systems

All installations of SAP NetWeaver Enterprise Portal Administration are potentially affected, as no specific product versions are listed. The issue applies to any environment where privileged users can upload content that is subsequently deserialized by the portal management processes.

Risk and Exploitability

With a CVSS score of 9.1, the vulnerability is considered critical. However, the current EPSS score indicates a low likelihood of exploitation (<1%). The flaw requires a privileged user to upload malicious content, implying that the attack vector is more likely to be local or insider rather than remote. The vulnerability is not listed in the CISA KEV catalog, so it is not known to be actively exploited in the wild.

Generated by OpenCVE AI on April 16, 2026 at 03:55 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the SAP security patch detailed in SAP Note 3714585 to address the deserialization flaw.
  • If a patch cannot be applied immediately, restrict upload functionality for privileged users or remove the ability to upload untrusted content until remediation.
  • Implement strict input validation on upload endpoints and use safe deserialization practices to prevent arbitrary code execution.

Generated by OpenCVE AI on April 16, 2026 at 03:55 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 10 Mar 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 10 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Sap Se
Sap Se sap Netweaver Enterprise Portal Administration
Vendors & Products Sap Se
Sap Se sap Netweaver Enterprise Portal Administration

Tue, 10 Mar 2026 00:45:00 +0000

Type Values Removed Values Added
Description SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system.
Title Insecure Deserialization in SAP NetWeaver Enterprise Portal Administration
Weaknesses CWE-502
References
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H'}

Subscriptions

Sap Se Sap Netweaver Enterprise Portal Administration
cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published:

Updated: 2026-03-11T03:56:31.464Z

Reserved: 2026-02-23T17:50:17.028Z

Link: CVE-2026-27685

cve-icon Vulnrichment

Updated: 2026-03-10T15:39:52.377Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-10T17:38:10.980

Modified: 2026-03-11T13:53:47.157

Link: CVE-2026-27685

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T04:00:09Z

Weaknesses