CVE-2025-42894 – This CVE describes a Path Traversal vulnerabili... (How to Fix)

Q: What is the severity of CVE-2025-42894?

CVE-2025-42894 has a CVSS score of 6.8 (MEDIUM). This CVE describes a Path Traversal vulnerability in SAP Business Connector that allows authenticated administrators with adjacent access to manipulate arbitrary files on the host system. Successful exploitation could lead to remote code execution and complete system compromise. Organizations running vulnerable versions of SAP Business Connector are affected.

📋 TL;DR

This CVE describes a Path Traversal vulnerability in SAP Business Connector that allows authenticated administrators with adjacent access to manipulate arbitrary files on the host system. Successful exploitation could lead to remote code execution and complete system compromise. Organizations running vulnerable versions of SAP Business Connector are affected.

💻 Affected Systems

Products:

SAP Business Connector

Versions: Specific versions not detailed in provided references; check SAP Note 3666038 for exact affected versions

Operating Systems: All supported OS platforms for SAP Business Connector

Default Config Vulnerable: ⚠️ Yes

Notes: Requires administrator authentication with adjacent network access; default configurations are vulnerable if these conditions are met.

📦 What is this software?

Business Connector by Sap

View all CVEs affecting Business Connector →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing attacker to execute arbitrary OS commands, read sensitive data, modify system files, and maintain persistent access.

🟠

Likely Case

Unauthorized file access and modification leading to data theft, system disruption, or lateral movement within the network.

🟢

If Mitigated

Limited impact due to network segmentation, strict access controls, and monitoring preventing exploitation attempts.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires administrator credentials and adjacent network access; path traversal vulnerabilities are typically straightforward to exploit once access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check SAP Note 3666038 for specific patch information

Vendor Advisory: https://me.sap.com/notes/3666038

Restart Required: Yes

Instructions:

1. Review SAP Note 3666038 for specific patch details
2. Download and apply the security patch from SAP Support Portal
3. Restart SAP Business Connector services
4. Verify the patch was successfully applied

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to SAP Business Connector to only trusted systems and users

Access Control Hardening

all

Implement strict access controls and review administrator account permissions

🧯 If You Can't Patch

Implement network segmentation to isolate SAP Business Connector from untrusted networks
Enhance monitoring and logging for suspicious file access patterns and administrator activities

🔍 How to Verify

Check if Vulnerable:

Check SAP Business Connector version against affected versions listed in SAP Note 3666038

Check Version:

Check version through SAP Business Connector administration interface or consult system documentation

Verify Fix Applied:

Verify patch installation through SAP management console and confirm version is updated beyond vulnerable range

📡 Detection & Monitoring

Log Indicators:

Unusual file access patterns
Administrator account access from unexpected locations
File modification attempts outside normal directories

Network Indicators:

Unexpected connections to SAP Business Connector administration interfaces
File transfer patterns to/from the system

SIEM Query:

Search for file access events with path traversal patterns or administrator account activities on SAP Business Connector systems

📊 Metadata

CVE ID: CVE-2025-42894

CVSS v3 Score: 6.8 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-22

EPSS Score: 0.11% exploit probability (30.2th percentile)

Published: November 11, 2025

Last Updated: January 16, 2026

🔗 References

https://me.sap.com/notes/3666038 Permissions Required
https://url.sap/sapsecuritypatchday Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-42894, you might also want to check these: