CVE-2025-0069 – DLL Hijacking vulnerability in SAPSetup

https://notcve.org/view.php?id=CVE-2025-0069

14 Jan 2025 — Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or with access to a compromised corporate user�s Windows account could gain higher privileges. With this, he could move laterally within the network and further compromise the active directory of a company. This leads to high impact on confidentiality, integrity and availability of the Windows server. • https://me.sap.com/notes/3542533 • CWE-427: Uncontrolled Search Path Element •