Description
SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information leading to unauthorized access to sensitive user data and potential disruption of normal system usage. This causes a high impact on confidentiality, integrity and availability of the application.
Published: 2026-06-09
Score: 9.9 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

SAP NetWeaver Application Server ABAP and ABAP Platform allow an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This would cause the verifier to accept tampered identity information, leading to unauthorized access to sensitive user data and potential disruption of system usage. The flaw is classified as a high‑impact XML Signature Wrapping issue (CWE‑347) that compromises confidentiality, integrity, and availability of the application.

Affected Systems

The vulnerability affects SAP NetWeaver AS ABAP and ABAP Platform. Specific affected release versions are not disclosed in the available data, so all installations of these products should be considered at risk until an official patch is applied.

Risk and Exploitability

The CVSS score of 9.9 indicates critical severity, and although the EPSS score is not available, the absence of a KEV listing suggests the issue is not yet widely exploited in the wild. The attack requires a legitimate authenticated session with normal privileges, implying that attackers with such access can modify the signed XML document without detection. Once a signed message is captured, the attacker can replay or alter the data, causing the system to trust forged identity assertions. The nature of the weakness (XML Signature Wrapping) allows the attacker to bypass normal signature verification procedures by restructuring the XML prior to verification, a technique known to be feasible with many existing XML parsers.

Generated by OpenCVE AI on June 9, 2026 at 02:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the SAP security patch referenced in SAP note 3746332 as part of the SAP Security Patch Day process
  • Ensure that the SAML implementation validates signatures after all XML transformations and rejects any altered or tampered XML structures
  • Restrict normal‑privilege accounts to the minimum level necessary for their roles so that an attacker with only basic access cannot elevate privileges or manipulate identity assertions
  • Enable detailed logging of SAML authentication events and monitor for anomalies such as repeated signature verification failures or unexpected certificate use
  • If available, update or replace any client or server libraries that perform SAML processing with versions that implement robust XML signature checking
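
The structural rejection rule from the second recommendation, sketched as an added example (not SAP's code and not part of the original page): the consumer only accepts a document in which the single Assertion it will read is the element its own enveloped Signature references. Function and sample names are hypothetical, the sample documents are constructed, and cryptographic verification of the signature is assumed to happen separately on the same parsed tree.

```python
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"saml": SAML, "ds": DS}

def select_signed_assertion(xml_text):
    """Return the one Assertion the application may consume, or raise ValueError.

    Structural checks only (hypothetical helper); the signature value itself
    must still be verified by an XML-DSig library over this same tree.
    """
    # Constructed input here; untrusted XML needs a hardened parser configuration.
    root = ET.fromstring(xml_text)
    ids = [e.get("ID") for e in root.iter() if e.get("ID") is not None]
    if len(ids) != len(set(ids)):
        raise ValueError("duplicate ID attribute")
    assertions = list(root.iter(f"{{{SAML}}}Assertion"))
    if len(assertions) != 1:
        raise ValueError(f"expected exactly one Assertion, found {len(assertions)}")
    assertion = assertions[0]
    aid = assertion.get("ID")
    if not aid:
        raise ValueError("Assertion has no ID")
    sigs = assertion.findall("ds:Signature", NS)  # direct children only
    if len(sigs) != 1:
        raise ValueError("Assertion must carry exactly one enveloped Signature")
    refs = sigs[0].findall("ds:SignedInfo/ds:Reference", NS)
    if len(refs) != 1 or refs[0].get("URI") != "#" + aid:
        raise ValueError("Signature does not reference the enclosing Assertion")
    return assertion

def _assertion(aid, user, ref=None):
    """Build a constructed sample Assertion; ref is the ID its Signature points at."""
    sig = (f'<ds:Signature xmlns:ds="{DS}"><ds:SignedInfo>'
           f'<ds:Reference URI="#{ref}"/></ds:SignedInfo></ds:Signature>') if ref else ""
    return (f'<saml:Assertion xmlns:saml="{SAML}" ID="{aid}">{sig}'
            f'<saml:Subject><saml:NameID>{user}</saml:NameID></saml:Subject>'
            f'</saml:Assertion>')

# Constructed samples: one well-formed, two that must be rejected.
GOOD = f"<Response>{_assertion('a1', 'alice', ref='a1')}</Response>"
EXTRA = f"<Response>{_assertion('a2', 'admin')}{_assertion('a1', 'alice', ref='a1')}</Response>"
MISREF = f"<Response>{_assertion('a2', 'admin', ref='a1')}</Response>"
```

Rejections raised here are worth logging alongside signature verification failures, since the fourth recommendation asks for monitoring of exactly these events.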


Advisories

No advisories yet.

History

Tue, 09 Jun 2026 13:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 09 Jun 2026 09:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Sap Se; Sap Se sap Netweaver And Abap Platform
Vendors & Products | | Sap Se; Sap Se sap Netweaver And Abap Platform

Tue, 09 Jun 2026 01:15:00 +0000

Type | Values Removed | Values Added
Description | | SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information leading to unauthorized access to sensitive user data and potential disruption of normal system usage. This causes a high impact on confidentiality, integrity and availability of the application.
Title | | XML Signature Wrapping in SAML Authentication in SAP NetWeaver AS ABAP and ABAP Platform
Weaknesses | | CWE-347
References | |
Metrics | | cvssV3_1 {'score': 9.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: sap

Published:

Updated: 2026-06-09T13:03:17.251Z

Reserved: 2026-05-07T18:16:34.195Z

Link: CVE-2026-44748

Vulnrichment

Updated: 2026-06-09T13:03:13.875Z

NVD

Status: Awaiting Analysis

Published: 2026-06-09T01:16:46.603

Modified: 2026-06-09T02:08:28.150

Link: CVE-2026-44748

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-09T08:45:37Z

Weaknesses