How severe is CVE-2025-27432?

This vulnerability has a severity rating of LOW with a CVSS score of 2.4 out of 10.

What type of vulnerability is CVE-2025-27432?

This is classified as CWE-862, which is a common weakness in software security.

CVE-2025-27432 - LOW Severity | CVSS 2.4

Vulnerability Description

The eDocument Cockpit (Inbound NF-e) in SAP Electronic Invoicing for Brazil allows an authenticated attacker with certain privileges to gain unauthorized access to each transaction. By executing the specific ABAP method within the ABAP system, an unauthorized attacker could call each transaction and view the inbound delivery details. This vulnerability has a low impact on the confidentiality with no effect on the integrity and the availability of the application.

Related Vulnerabilities

CVE-2018-21046

LOW

CVSS:2.4(Low)

An issue was discovered on Samsung mobile devices with O(8.x) software. There is clipboard Data Exposure via the Emergency Dialer upon connecting a USB device. The Samsung ID is SVE-2018-12911 (Novemb...

CWE-8622018

CVE-2021-1755

LOW

CVSS:2.4(Low)

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A person with physical access t...

CWE-8622021

CVE-2022-20529

LOW

CVSS:2.4(Low)

In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with...

CWE-8622022

CVE-2024-40839

LOW

CVSS:2.4(Low)

This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to an iOS device may be able to view notification contents...

CWE-8622024

CVE-2024-45284

LOW

CVSS:2.4(Low)

An authenticated attacker with high privilege can use functions of SLCM transactions to which access should be restricted. This may result in an escalation of privileges causing low impact on integrit...

CWE-8622024

CVE-2020-29480

LOW

CVSS:2.3(Low)

An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any permission checks when reporting a xenstore watch event. A guest administrator can watch the root xenstored node...

CWE-8622020