Vulnerability Details CVE-2023-32113
SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Depending on the authorizations of the victim, the attacker can read and modify potentially sensitive information after successful exploitation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.4%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-32113
-
cpe:2.3:a:sap:gui_for_windows:7.20
-
cpe:2.3:a:sap:gui_for_windows:7.20_compilation_2
-
cpe:2.3:a:sap:gui_for_windows:7.30
-
cpe:2.3:a:sap:gui_for_windows:7.40_core_sp00-sp011
-
cpe:2.3:a:sap:gui_for_windows:7.50
-
cpe:2.3:a:sap:gui_for_windows:7.50_core_sp000
-
cpe:2.3:a:sap:gui_for_windows:7.60
-
cpe:2.3:a:sap:gui_for_windows:7.70
-
cpe:2.3:a:sap:gui_for_windows:8.0