CVE-2025-31332

6.6 MEDIUM

📋 TL;DR

This vulnerability allows attackers with local system access to modify files in SAP BusinessObjects Business Intelligence Platform due to insecure file permissions, potentially disrupting operations or causing service downtime. It affects integrity and availability but does not expose sensitive data. Organizations using vulnerable versions of this platform are at risk.

💻 Affected Systems

Products:
  • SAP BusinessObjects Business Intelligence Platform
Versions: Specific versions not detailed in CVE; check SAP notes for exact range.
Operating Systems: Windows, Linux, and other supported OS for SAP BusinessObjects
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is present in default installations; local access is required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker could modify critical files to disrupt business intelligence operations, leading to extended service downtime and operational impact.

🟠 Likely Case

Local users or malware could tamper with files, causing intermittent service disruptions or configuration issues.

🟢 If Mitigated

With strict access controls and monitoring, impact is limited to minor disruptions or no exploitation.

🌐 Internet-Facing: LOW, as exploitation requires local access to the system, not remote network access.
🏢 Internal Only: HIGH, because internal attackers or compromised accounts with local access can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW, as it involves file modification with local access.

Exploitation is straightforward for attackers with local privileges, but no public exploits are known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to SAP Note 3565751 for patched versions.

Vendor Advisory: https://me.sap.com/notes/3565751

Restart Required: Yes

Instructions:

1. Review SAP Note 3565751 for details.
2. Apply the security patch provided by SAP.
3. Restart affected services as required.

🔧 Temporary Workarounds

Restrict File Permissions

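Manually adjust file permissions to limit write access to authorized users only.

chmod go-w /path/to/vulnerable/files (Linux; removes group and other write access and leaves read and execute bits unchanged)
icacls "C:\path\to\vulnerable\files" /remove:g Everyone (Windows; removes the explicit allow entries granted to Everyone, whereas a deny entry for Everyone would also block the service account and administrators)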

🧯 If You Can't Patch

  • Implement strict access controls to limit local user privileges and monitor for unauthorized file changes.
  • Use application whitelisting or integrity monitoring tools to detect and prevent file modifications.

🔍 How to Verify

Check if Vulnerable:

Check file permissions on SAP BusinessObjects installation directories for overly permissive settings.
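One way to run this check on Linux, as an added example that is not taken from SAP or the advisory: the function name audit_writable is hypothetical, and the installation directory is passed as an argument because the page does not give the real path.

```shell
#!/bin/sh
# Added example (Linux/POSIX): report files and directories under an
# installation tree that group or other users are allowed to write to.
# The directory to scan is an argument; no SAP-specific path is assumed.

# audit_writable DIR
#   Prints one finding per line:
#     world-writable <path>   any local user can modify the entry
#     group-writable <path>   members of the owning group can modify it
#   Returns 0 when nothing is found, 1 when findings exist,
#   2 when DIR is not a directory.
audit_writable() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 2
    fi

    # Symlinks are skipped: their own mode bits do not control access.
    findings=$(
        find "$dir" \( -type f -o -type d \) -perm -002 -print |
            sed 's/^/world-writable /'
        find "$dir" \( -type f -o -type d \) -perm -020 ! -perm -002 -print |
            sed 's/^/group-writable /'
    )

    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}

# Usage: audit_writable /path/to/install/dir
```

A non-zero return after patching or after applying the workaround means some entries are still writable by non-owners and need review against SAP's guidance.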

Check Version:

Run 'bobj -version' or check SAP administration console for version details.

Verify Fix Applied:

Verify that patched versions are installed and file permissions are corrected per SAP guidance.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected file modification events in system or application logs.

Network Indicators:

  • None, as this is a local vulnerability.

SIEM Query:

Search for events like 'File modified' in SAP BusinessObjects logs or system audit trails.
