【Vulnerability Alert】Significant Security Vulnerability in SAP GRC (CVE-2025-42982)

• Subject: 【Vulnerability Alert】Significant Security Vulnerability in SAP GRC (CVE-2025-42982)

• Content Description:
  • Forwarded from Taiwan Computer Emergency Response Team/Coordination Center TWCERTCC-200-202506-00000008
  • SAP has issued a significant security vulnerability announcement for its GRC product (CVE-2025-42982, CVSS: 8.8). This vulnerability allows non-administrator users to access specific transactions, which could lead to modification or manipulation of credentials transmitted by the system. Successful exploitation would severely impact the confidentiality, integrity, and availability of the application.
• Affected Platforms:
  • GRCPINW V1100_700, V1100_731
• Suggested Measures:
  • Please visit the official website for patching: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/june-2025.html
• References:
  1. https://www.twcert.org.tw/tw/cp-169-10176-6114a-1.html

Computer and Communications Center Network Systems Division Respectfully