CVE-2026-0487 漏洞深度分析

漏洞概述

CVE 编号: CVE-2026-0487
CVSS 评分: 8.4(HIGH)
CVSS 向量: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE 分类: CWE-427
漏洞状态: Received
发布时间: 2026-07-14T01:16:16.370
最后更新: 2026-07-14T13:18:12.937

漏洞描述

SAProuter on Microsoft Windows allows an unauthenticated attacker to load library (DLL) files from an untrusted location, allowing them to execute malicious code on the system. This could enable the attacker to hijack the DLL loading process and achieve arbitrary code execution. This has high impact on confidentiality, integrity and availability of the system.

影响分析

此漏洞的具体影响取决于实际利用场景。"

修复建议

  1. 及时关注厂商发布的安全更新和补丁
  2. 升级受影响组件到最新版本
  3. 如无法立即升级,参考厂商提供的临时缓解措施
  4. 加强网络访问控制和监控

参考链接

  1. https://me.sap.com/notes/3692165
  2. https://url.sap/sapsecuritypatchday