CVE-2023-0012
First published: Tue Jan 10 2023(Updated: )
In SAP Host Agent (Windows) - versions 7.21, 7.22, an attacker who gains local membership to SAP_LocalAdmin could be able to replace executables with a malicious file that will be started under a privileged account. Note that by default all user members of SAP_LocaAdmin are denied the ability to logon locally by security policy so that this can only occur if the system has already been compromised.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sap Host Agent | =7.21 | |
| Sap Host Agent | =7.22 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-0012?
The severity of CVE-2023-0012 is medium (6.7).
Which versions of SAP Host Agent (Windows) are affected by CVE-2023-0012?
Versions 7.21 and 7.22 of SAP Host Agent (Windows) are affected by CVE-2023-0012.
How can an attacker exploit CVE-2023-0012?
An attacker who gains local membership to SAP_LocalAdmin could replace executables with a malicious file that will be started under a privileged account.
Are all user members of SAP_LocalAdmin denied the ability to log in by default?
Yes, by default all user members of SAP_LocalAdmin are denied the ability to log in.
How can I fix CVE-2023-0012 in SAP Host Agent (Windows) versions 7.21 and 7.22?
To fix CVE-2023-0012, apply the necessary patches and updates provided by SAP.
- collector/nvd-index
- agent/weakness
- vendor/sap
- canonical/sap host agent
- version/sap host agent/7.21
- version/sap host agent/7.22
- vendor/microsoft
- canonical/microsoft windows