CVE-2026-23687
Undergoing Analysis Undergoing Analysis - In Progress
Signed XML Message Forgery in SAP NetWeaver ABAP Enables Unauthorized Access

Publication date: 2026-02-10

Last updated on: 2026-02-17

Assigner: SAP SE

Description
SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information, unauthorized access to sensitive user data and potential disruption of normal system usage.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-10
Last Modified
2026-02-17
Generated
2026-05-07
AI Q&A
2026-02-10
EPSS Evaluated
2026-05-05
NVD
CVE-2026-23687
EUVD
EUVD-2026-6389
Affected Vendors & Products
Showing 18 associated CPEs
Vendor Product Version / Range
sap sap_basis 700
sap sap_basis 701
sap sap_basis 702
sap sap_basis 731
sap sap_basis 740
sap sap_basis 750
sap sap_basis 751
sap sap_basis 752
sap sap_basis 753
sap sap_basis 754
sap sap_basis 755
sap sap_basis 756
sap sap_basis 757
sap sap_basis 758
sap sap_basis 804
sap sap_basis 916
sap sap_basis 917
sap sap_basis 918
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-347 The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in SAP NetWeaver Application Server ABAP and ABAP Platform. It allows an authenticated attacker with normal user privileges to obtain a valid signed message and then send modified signed XML documents to the system verifier.

As a result, the system may accept tampered identity information, which means the attacker can potentially bypass security checks by presenting altered but seemingly valid credentials or data.


How can this vulnerability impact me? :

The impact of this vulnerability includes unauthorized access to sensitive user data, as the attacker can manipulate signed messages to gain access they should not have.

Additionally, it may cause disruption of normal system usage, potentially affecting availability and integrity of the system.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

I don't know


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart