Skip to main content

Sap Change And Transport System Attach Tool Ctsattach

1 CVEs product

Monthly

CVE-2026-58233 HIGH This Week

Insecure deserialization in the SAP Change and Transport System Attach Tool (ctsattach) lets an authenticated, low-privileged attacker achieve remote code execution by supplying a crafted archive that a victim then processes through the tool's library. Successful exploitation yields high confidentiality and integrity impact - attackers can read sensitive data and take control of the host and its processes - with low availability impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the CWE-502 root cause and 7.6 CVSS make this a meaningful patch priority for SAP landscapes.

Deserialization SAP RCE Sap Change And Transport System Attach Tool Ctsattach
NVD
CVSS 3.1
7.6
EPSS
0.3%
EPSS 0% CVSS 7.6
HIGH This Week

Insecure deserialization in the SAP Change and Transport System Attach Tool (ctsattach) lets an authenticated, low-privileged attacker achieve remote code execution by supplying a crafted archive that a victim then processes through the tool's library. Successful exploitation yields high confidentiality and integrity impact - attackers can read sensitive data and take control of the host and its processes - with low availability impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the CWE-502 root cause and 7.6 CVSS make this a meaningful patch priority for SAP landscapes.

Deserialization SAP RCE +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy