SAP NetWeaver ABAP Memory Corruption Authenticated RCE
CVE-2026-44747 Published on July 14, 2026

Memory Corruption vulnerability in SAP NetWeaver Application Server ABAP
SAP NetWeaver Application Server ABAP allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could lead to unauthorized data access, modification, or system unavailability. This has high impact on confidentiality, integrity, and availability of the application.

NVD

Vulnerability Analysis

CVE-2026-44747 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
CHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

What is a Memory Corruption Vulnerability?

The software writes data past the end, or before the beginning, of the intended buffer. Typically, this can result in corruption of data, a crash, or code execution. The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.

CVE-2026-44747 has been classified to as a Memory Corruption vulnerability or weakness.


Products Associated with CVE-2026-44747

Want to know whenever a new CVE is published for SAP Netweaver Application Server Abap? stack.watch will email you.

 

Affected Versions

SAP_SE SAP NetWeaver Application Server ABAP: