CVE 8.8 HIGH

Privilege escalation vulnerability in SAP HANA database_CVE-2026-0492

January 12, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid credentials of any user to switch to another user potentially gaining administrative access. This exploit could result in a total compromise of the system�s confidentiality, integrity, and availability.

AI Analysis

Privilege escalation vulnerability in SAP HANA database allowing attackers to gain administrative access

Basic Information

ID CVE-2026-0492

Source sap

Published Jan 13, 2026 at 01:13

Affected Product

Vendor SAP_SE

Product SAP HANA database

Version HDB 2.00

Affected Versions SAP_SE SAP HANA database HDB 2.00

CWE Classification

CWE-306

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor SAP

Product SAP HANA database

Version HDB 2.00

References

{
    "lastseen": "",
    "description": "SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid credentials of any user to switch to another user potentially gaining administrative access. This exploit could result in a total compromise of the system\ufffds confidentiality, integrity, and availability.",
    "published": "2026-01-13T01:13:00.391Z",
    "modified": "2026-01-13T01:13:00.391Z",
    "type": "cve",
    "title": "Privilege escalation vulnerability in SAP HANA database",
    "source": "sap",
    "references": "https://me.sap.com/notes/3691059\nhttps://url.sap/sapsecuritypatchday",
    "id": "CVE-2026-0492",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "SAP_SE SAP HANA database HDB 2.00",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SAP HANA database",
    "version": "HDB 2.00",
    "vendor": "SAP_SE",
    "ai_description": "Privilege escalation vulnerability in SAP HANA database allowing attackers to gain administrative access",
    "ai_severity": "High",
    "ai_vendor": "SAP",
    "ai_product": "SAP HANA database",
    "ai_version": "HDB 2.00",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply