Code Injection vulnerability in SAP Landscape Transformation_CVE-2026-27675

2 / 10

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N

Description

SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or degree. This leads to a low impact on integrity, while confidentiality and availability are not impacted.

Basic Information

ID CVE-2026-27675

Source sap

Published Apr 14, 2026 at 00:07

Affected Product

Vendor SAP_SE

Product SAP Landscape Transformation

Version DMIS 2011_1_700

Affected Versions SAP_SE SAP Landscape Transformation DMIS 2011_1_700
SAP_SE SAP Landscape Transformation 2011_1_710
SAP_SE SAP Landscape Transformation 2011_1_730
SAP_SE SAP Landscape Transformation 2011_1_731
SAP_SE SAP Landscape Transformation 2011_1_752
SAP_SE SAP Landscape Transformation 2020
SAP_SE SAP Landscape Transformation S4CORE 102
SAP_SE SAP Landscape Transformation 103
SAP_SE SAP Landscape Transformation 104
SAP_SE SAP Landscape Transformation 105
SAP_SE SAP Landscape Transformation 106
SAP_SE SAP Landscape Transformation 107
SAP_SE SAP Landscape Transformation 108
SAP_SE SAP Landscape Transformation 109

CWE Classification

CWE-94

References

{
    "lastseen": "",
    "description": "SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or degree. This leads to a low impact on integrity, while confidentiality and availability are not impacted.",
    "published": "2026-04-14T00:07:01.278Z",
    "modified": "2026-04-14T00:07:01.278Z",
    "type": "cve",
    "title": "Code Injection vulnerability in SAP Landscape Transformation",
    "source": "sap",
    "references": "https://me.sap.com/notes/3723097\nhttps://url.sap/sapsecuritypatchday",
    "id": "CVE-2026-27675",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "SAP_SE SAP Landscape Transformation DMIS 2011_1_700\nSAP_SE SAP Landscape Transformation 2011_1_710\nSAP_SE SAP Landscape Transformation 2011_1_730\nSAP_SE SAP Landscape Transformation 2011_1_731\nSAP_SE SAP Landscape Transformation 2011_1_752\nSAP_SE SAP Landscape Transformation 2020\nSAP_SE SAP Landscape Transformation S4CORE 102\nSAP_SE SAP Landscape Transformation 103\nSAP_SE SAP Landscape Transformation 104\nSAP_SE SAP Landscape Transformation 105\nSAP_SE SAP Landscape Transformation 106\nSAP_SE SAP Landscape Transformation 107\nSAP_SE SAP Landscape Transformation 108\nSAP_SE SAP Landscape Transformation 109",
    "sourceHref": "",
    "cvss": {
        "score": 2,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SAP Landscape Transformation",
    "version": "DMIS 2011_1_700",
    "vendor": "SAP_SE",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}