Sapcar

Privilege Escalation in SAPCAR via Malicious SAR Archive
CVE-2025-42992 6.9 - Medium - July 08, 2025

SAPCAR allows an attacker logged in with high privileges to create a malicious SAR archive in SAPCAR. This could enable the attacker to exploit critical files and directory permissions without breaking signature validation, resulting in potential privilege escalation. This has high impact on integrity, but low impact on confidentiality and availability of the system.

Incorrect Privilege Assignment

Privilege Esc Escalation via Permissions Override in SAPCAR (CVE-2025-43001)
CVE-2025-43001 6.9 - Medium - July 08, 2025

SAPCAR allows an attacker logged in with high privileges to override the permissions of the current and parent directories of the user or process extracting the archive, leading to privilege escalation. On successful exploitation, an attacker could modify the critical files by tampering with signed archives without breaking the signature, but it has a low impact on the confidentiality and availability of the system.

Incorrect Privilege Assignment

SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive
CVE-2022-26100 9.8 - Critical - March 10, 2022

SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a result, the SAPCAR process may crash, and the attacker may obtain privileged access to the system.

Improper Input Validation

SAP SAPCAR does not check the return value of file operations when extracting files, which
CVE-2016-5845 5.5 - Medium - August 13, 2016

SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905.<a href="http://cwe.mitre.org/data/definitions/252.html">CWE-252: Unchecked Return Value</a>