CVE-2023-0012

In SAP Host Agent (Windows) - versions 7.21, 7.22, an attacker who gains local membership to SAP_LocalAdmin could be able to replace executables with a malicious file that will be started under a privileged account. Note that by default all user members of SAP_LocaAdmin are denied the ability to logon locally by security policy so that this can only occur if the system has already been compromised.
Configurations

Configuration 1


Information

Published : 2023-01-10 03:15

Updated : 2023-01-13 05:59


NVD link : CVE-2023-0012

Mitre link : CVE-2023-0012

Products Affected
CWE