SAP GUI, a trusted interface for hundreds of thousands of global enterprises, has been found to be storing sensitive user data with outdated encryption, potentially allowing data breaches. Researchers have discovered vulnerabilities in the product's user input history feature affecting both Windows and Java versions. These vulnerabilities could expose sensitive information such as usernames, national IDs, and bank account numbers, stored either unencrypted or protected with a weak, reusable XOR key.
TPRM report: https://scoringcyber.rankiteo.com/company/sap
"id": "sap527062525",
"linkid": "sap",
"type": "Vulnerability",
"date": "6/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Technology',
                        'location': 'Global',
                        'name': 'SAP',
                        'size': 'Large',
                        'type': 'Enterprise Software'}],
 'attack_vector': 'Vulnerability Exploitation',
 'data_breach': {'data_encryption': 'Weak or None',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['usernames',
                                              'national IDs',
                                              'bank account numbers']},
 'description': 'SAP GUI, a trusted interface for hundreds of thousands of global enterprises, has been found to be storing sensitive user data with outdated encryption, potentially allowing data breaches. According to Pathlock researcher Jonathan Stross and Fortinet’s Julian Petersohn, a couple of information disclosure vulnerabilities affect the product’s user input history feature in its Windows (CVE-2025-0055) and Java (CVE-2025-0056) versions. The newly disclosed vulnerabilities affect how user-entered data like usernames, national IDs, and bank account numbers are stored locally, either unencrypted or protected with a weak, reusable XOR key.',
 'impact': {'data_compromised': ['usernames',
                                 'national IDs',
                                 'bank account numbers'],
            'systems_affected': ['SAP GUI Windows version',
                                 'SAP GUI Java version']},
 'post_incident_analysis': {'root_causes': 'Outdated encryption and weak XOR key'},
 'references': [{'source': 'Pathlock researcher Jonathan Stross and Fortinet’s Julian Petersohn'}],
 'title': 'SAP GUI Vulnerabilities Expose Sensitive User Data',
 'type': 'Data Breach',
 'vulnerability_exploited': ['CVE-2025-0055', 'CVE-2025-0056']}