Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
2.0
SAP Landscape Transformation allows attackers to inject malicious code
CVE-2026-27675
Summary
A high-privileged attacker can inject code that could alter certain data in SAP Landscape Transformation, but the impact is limited. This issue affects SAP Landscape Transformation and requires attention from SAP administrators. To protect your system, apply the latest SAP patches and updates as soon as possible.
Original title
SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due...
Original description
SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or degree. This leads to a low impact on integrity, while confidentiality and availability are not impacted.
nvd CVSS3.1
2.0
Vulnerability type
CWE-94
Code Injection
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026