Skip to main content

Saprouter On Microsoft Windows

1 CVEs product

Monthly

CVE-2026-0487 HIGH This Week

Arbitrary code execution in SAProuter on Microsoft Windows lets a local attacker plant a malicious DLL in an untrusted search-path location that SAProuter loads at runtime, hijacking the DLL loading process to run attacker code with the privileges of the SAProuter service. The flaw was reported by SAP and carries a CVSS 8.4 with full High impact on confidentiality, integrity, and availability; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because SAProuter typically runs as a persistent network gateway service, successful exploitation can compromise a strategically positioned host in an SAP landscape.

RCE Microsoft Saprouter On Microsoft Windows
NVD
CVSS 3.1
8.4
EPSS
0.1%
EPSS 0% CVSS 8.4
HIGH This Week

Arbitrary code execution in SAProuter on Microsoft Windows lets a local attacker plant a malicious DLL in an untrusted search-path location that SAProuter loads at runtime, hijacking the DLL loading process to run attacker code with the privileges of the SAProuter service. The flaw was reported by SAP and carries a CVSS 8.4 with full High impact on confidentiality, integrity, and availability; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because SAProuter typically runs as a persistent network gateway service, successful exploitation can compromise a strategically positioned host in an SAP landscape.

RCE Microsoft Saprouter On Microsoft Windows
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy