[Security Vulnerability Alert] SAP NetWeaver Enterprise Portal Management has a critical cybersecurity vulnerability (CVE-2026-27685).

[Security Vulnerability Alert] SAP NetWeaver Enterprise Portal Management has a critical cybersecurity vulnerability (CVE-2026-27685).

2026/3/13 ～ 2026/9/13

View Count：18

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Warning TWCERTCC-200-202603-00000008

[Content Description]
SAP has released a critical cybersecurity vulnerability announcement (CVE-2026-27685, CVSS: 9.1) for its product SAP NetWeaver Enterprise Portal Administration. This vulnerability allows privileged attackers to upload untrusted or malicious content, which, after system deserialization, could potentially impact the confidentiality, integrity, and availability of the host system.

[Affected Platform]
SAP NetWeaver Enterprise Portal Administration Version(s) - EP-RUNTIME 7.50

[Recommended Action]
Patch according to the solution released on the official website: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/march-2026.html

[References]
1. https://www.twcert.org.tw/tw/cp-169-10757-ddbaa-1.html

[Security Vulnerability Alert] SAP NetWeaver Enterprise Portal Management has a critical cybersecurity vulnerability (CVE-2026-27685).

2026/3/13 ～ 2026/9/13

View Count：18

Files

官方網站

參考資料

【Back】

[Security Vulnerability Alert] SAP NetWeaver Enterprise Portal Management has a critical cybersecurity vulnerability (CVE-2026-27685).

2026/3/13 ～ 2026/9/13

View Count：18

Files

system_update_alt官方網站

system_update_alt參考資料

【Back】

官方網站

參考資料