CVE-2026-24317
MEDIUM
SAP GUI for Windows - DLL Hijacking
Title source: llm
Description
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's context provided GuiXT is enabled. This vulnerability has a low impact on confidentiality, integrity, and availability.
Scores
CVSS v3
5.0
EPSS
0.0003
EPSS Percentile
7.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
Classification
CWE
CWE-427
Status
draft
Timeline
Published
Mar 10, 2026
Tracked Since
Mar 11, 2026