Summary

Vulnerability Name: Code Injection Vulnerability in SAP Solution Manager (CVE-2025-42880)
Released on: December 09, 2025
Affected Component: SAP Solution Manager
Affected Version: SAP Solution Manager = ST 720
Vulnerability Type: Code execution
Exploitation Condition:
1. User authentication: required.
2. Precondition: default configurations.
3. Trigger mode: remote.
Impact:
Exploitation difficulty: difficult. Attackers can exploit this vulnerability to execute arbitrary code only after they complete authentication.
Severity: critical. This vulnerability may lead to remote code execution.
Official Solution: Available

About the Vulnerability

Component Introduction

SAP Solution Manager is an enterprise-level system lifecycle management platform developed by SAP, specifically designed for the SAP ecosystem. It mainly aims to help enterprises implement centralized monitoring, operation and maintenance, configuration, and process control of SAP-related systems. It is a key tool for ensuring the stable operation of SAP systems and enhancing management efficiency.

Vulnerability Description

On December 09, 2025, Sangfor FarSight Labs received notification of the code injection vulnerability in SAP Solution Manager (CVE-2025-42880), classified as critical in threat level.

Specifically, SAP Solution Manager contains a code injection vulnerability resulting from inadequate validation of the input data. Authenticated attackers can exploit this vulnerability to insert malicious code when calling a remote-enabled function module. Upon successful exploitation, attackers can gain full control of the target system and compromise the confidentiality, integrity, and availability of enterprise systems, thereby posing a severe threat to enterprise security.

Affected Versions

The following SAP Solution Manager version is affected:

SAP Solution Manager = ST 720

Solutions

Remediation Solutions

Official Solution

The latest version has been officially released to fix the vulnerability. Affected users are advised to update SAP Solution Manager to the latest version.

Temporary Solutions

  1. Disable unused functional modules to reduce attack entry points.
  2. Follow the principle of least privilege to strictly control the scope of permissions for sensitive operations.
  3. Do not expose services to the Internet unless necessary, to limit the access sources to trusted ranges.
  4. Regularly update the system and components to secure versions so that known vulnerabilities can be patched at the earliest opportunity.
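
Temporary solution 2 applied to the path described above (authenticated calls to remote-enabled function modules), as an added example that is not from the advisory or from SAP: it flags roles whose S_RFC authorization allows executing function modules by wildcard. The CSV column layout is assumed to follow an AGR_1251-style role-authorization export, and the role names and rows are constructed.

```python
import csv
import io
from collections import defaultdict

# Constructed sample; column layout is an assumption modelled on an AGR_1251 export.
SAMPLE_EXPORT = """\
AGR_NAME,OBJECT,AUTH,FIELD,LOW,HIGH,DELETED
Z_SOLMAN_OPERATOR,S_RFC,T-S100001,ACTVT,16,,
Z_SOLMAN_OPERATOR,S_RFC,T-S100001,RFC_TYPE,FUGR,,
Z_SOLMAN_OPERATOR,S_RFC,T-S100001,RFC_NAME,SYST,,
Z_SOLMAN_OPERATOR,S_RFC,T-S100001,RFC_NAME,RFC1,,
Z_LEGACY_INTERFACE,S_RFC,T-S100002,ACTVT,16,,
Z_LEGACY_INTERFACE,S_RFC,T-S100002,RFC_TYPE,*,,
Z_LEGACY_INTERFACE,S_RFC,T-S100002,RFC_NAME,*,,
Z_REPORTING,S_RFC,T-S100003,ACTVT,16,,
Z_REPORTING,S_RFC,T-S100003,RFC_TYPE,FUNC,,
Z_REPORTING,S_RFC,T-S100003,RFC_NAME,Z*,,
Z_RETIRED,S_RFC,T-S100004,ACTVT,16,,
Z_RETIRED,S_RFC,T-S100004,RFC_NAME,*,,X
Z_REPORTING,S_TCODE,T-S100005,TCD,SM59,,
"""


def audit_s_rfc(export_text):
    """Return {role: sorted wildcard RFC_NAME values} for executable S_RFC grants."""
    # One authorization instance is (role, AUTH); its fields arrive as separate rows.
    instances = defaultdict(lambda: defaultdict(set))
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["OBJECT"] != "S_RFC" or row["DELETED"] == "X":
            continue  # other objects and deleted values grant nothing here
        instances[(row["AGR_NAME"], row["AUTH"])][row["FIELD"]].add(row["LOW"].strip())

    findings = {}
    for (role, _auth), fields in instances.items():
        # ACTVT 16 is "execute"; without it the instance cannot call a function module.
        if not fields["ACTVT"] & {"16", "*"}:
            continue
        broad = {name for name in fields["RFC_NAME"] if "*" in name}
        if broad:
            findings.setdefault(role, set()).update(broad)
    return {role: sorted(names) for role, names in sorted(findings.items())}


if __name__ == "__main__":
    for role, patterns in audit_s_rfc(SAMPLE_EXPORT).items():
        print(f"{role}: S_RFC execute granted for RFC_NAME {', '.join(patterns)}")
```

Prefix patterns such as Z* are reported alongside the full wildcard because they still cover every function module or group matching the prefix; compare each finding with the interfaces the role actually needs.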

Timeline

On December 09, 2025, Sangfor FarSight Labs received notification of the code injection vulnerability in SAP Solution Manager (CVE-2025-42880).

On December 10, 2025, Sangfor FarSight Labs released a vulnerability alert.

Reference

https://support.sap.com/en/my-support/knowledge-base/security-notes-news/december-2025.html

Learn More

Sangfor FarSight Labs researches the latest cyber threats and unknown zero-day vulnerabilities, alerting customers to potential dangers to their organizations, and providing real-time solutions with actionable intelligence. Sangfor FarSight Labs works with other security vendors and the security community at large to identify and verify global cyber threats, providing fast and easy protection for customers.
