SAP GUI for Windows NTLM Authentication Information Disclosure Vulnerability

SAP GUI for Windows NTLM Authentication Information Disclosure Vulnerability

CVE-2023-32113 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.

Learn more about our Web Application Penetration Testing UK.