SAP Change and Transport System Attach Tool (ctsattach) allows an authenticated attacker to supply a specially crafted archive file which, when processed by the application�s library, can trigger insecure deserialization and lead to remote code execution (RCE) on the system. Successful exploitation requires a victim to process the malicious archive, enabling the attacker to execute the RCE and extract sensitive information and gain control over the system and its processes. This vulnerability has a high impact on confidentiality and integrity of the data, with a low impact on the availability of the system.
Metrics
Affected Vendors & Products
References
History
Tue, 14 Jul 2026 01:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | SAP Change and Transport System Attach Tool (ctsattach) allows an authenticated attacker to supply a specially crafted archive file which, when processed by the application�s library, can trigger insecure deserialization and lead to remote code execution (RCE) on the system. Successful exploitation requires a victim to process the malicious archive, enabling the attacker to execute the RCE and extract sensitive information and gain control over the system and its processes. This vulnerability has a high impact on confidentiality and integrity of the data, with a low impact on the availability of the system. | |
| Title | Remote Code Execution vulnerability in SAP Change and Transport System Attach Tool (ctsattach) | |
| Weaknesses | CWE-502 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: sap
Published:
Updated: 2026-07-14T00:21:45.702Z
Reserved: 2026-06-29T19:34:28.222Z
Link: CVE-2026-58233
No data.
No data.
No data.
OpenCVE Enrichment
No data.