5.0
SAP GUI for Windows loads malicious DLLs from any directory, allowing remote code execution
CVE-2026-24317
Summary
An attacker can trick a user into placing a malicious file in a specific directory, allowing the attacker to run code on the victim's computer. This can lead to unauthorized access or actions being performed on the user's system. To protect against this, ensure that only authorized files are placed in these directories and that users are cautious when interacting with files from unknown sources.
Original title
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a m...
Original description
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's context provided GuiXT is enabled. This vulnerability has a low impact on confidentiality, integrity, and availability.
nvd CVSS3.1
5.0
Vulnerability type
CWE-427
Uncontrolled Search Path Element
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026
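Because the description hinges on a DLL being placed in one of the application's directories, a defender can check an installation for DLLs without a valid Authenticode signature and for directories where standard users can create files. The PowerShell below is an added example, not code from the advisory or from SAP. The install path is an assumption the operator supplies in `$SapGuiRoot`, and the function names are hypothetical.

```powershell
param(
    # Assumption: root of the SAP GUI for Windows installation on this host (not given on the page).
    [Parameter(Mandatory)][string]$SapGuiRoot
)

# DLLs under the root whose Authenticode signature is missing or does not validate.
# This is a triage signal for review, not proof that a file is malicious.
function Get-SuspectDll {
    param([Parameter(Mandatory)][string]$Root)
    Get-ChildItem -LiteralPath $Root -Filter *.dll -File -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
            if ($sig.Status -ne 'Valid') {
                [pscustomobject]@{
                    Path       = $_.FullName
                    SigStatus  = $sig.Status
                    Owner      = (Get-Acl -LiteralPath $_.FullName).Owner
                    CreatedUtc = $_.CreationTimeUtc
                }
            }
        }
}

# Directories where a low-privilege principal is explicitly allowed to create files.
# SIDs are used instead of names so the check works on localized Windows builds.
function Get-UserWritableDir {
    param([Parameter(Mandatory)][string]$Root)
    $lowPrivSids = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545'  # Everyone, Authenticated Users, BUILTIN\Users
    $create = [System.Security.AccessControl.FileSystemRights]::CreateFiles
    $dirs = @(Get-Item -LiteralPath $Root) +
            @(Get-ChildItem -LiteralPath $Root -Directory -Recurse -ErrorAction SilentlyContinue)
    foreach ($d in $dirs) {
        $rules = (Get-Acl -LiteralPath $d.FullName).GetAccessRules(
            $true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($r in $rules) {
            if ($r.AccessControlType -eq 'Allow' -and
                $lowPrivSids -contains $r.IdentityReference.Value -and
                ($r.FileSystemRights -band $create)) {
                [pscustomobject]@{
                    Directory = $d.FullName
                    Sid       = $r.IdentityReference.Value
                    Rights    = $r.FileSystemRights
                }
            }
        }
    }
}

Get-SuspectDll -Root $SapGuiRoot | Format-Table -AutoSize
Get-UserWritableDir -Root $SapGuiRoot | Format-Table -AutoSize
```

A directory that appears in the second list and also holds a DLL from the first list is the combination to investigate first.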