CVE-2025-42960 is a vulnerability identified in SAP Business Warehouse (SAP BW) and SAP BW/4HANA BEx Tools, specifically related to missing authorization checks (CWE-862). The flaw allows an authenticated attacker with limited privileges to escalate their access rights beyond what is intended by exploiting improper authorization enforcement within the affected SAP modules. The vulnerability primarily impacts data integrity by enabling unauthorized deletion of user table entries. Importantly, this vulnerability does not affect the confidentiality or availability of the system, meaning that sensitive data exposure or service disruption are not direct consequences of exploitation. The affected SAP versions include a broad range of SAP BW and SAP BW/4HANA releases, from older versions like SAP_BW 700 series through to newer releases such as DW4CORE 400 and SAP_BW_VIRTUAL_COMP 701. The CVSS v3.1 base score is 4.3, indicating a medium severity level, with the vector showing network attack vector (AV:N), low attack complexity (AC:L), requiring privileges (PR:L), no user interaction (UI:N), unchanged scope (S:U), no confidentiality impact (C:N), low integrity impact (I:L), and no availability impact (A:N). No known exploits are currently reported in the wild, and no official patches have been linked yet. The vulnerability arises from missing or insufficient authorization checks that allow an authenticated user to perform unauthorized operations, such as deleting entries in user tables, which could compromise data integrity within the SAP BW environment.

For European organizations, the impact of CVE-2025-42960 centers on the potential compromise of data integrity within critical SAP Business Warehouse systems. SAP BW is widely used across Europe in sectors such as manufacturing, finance, retail, and public administration for business intelligence and data analytics. Unauthorized deletion of user table entries could lead to inaccurate reporting, loss of audit trails, and disruption of business processes dependent on reliable data. While confidentiality and availability are not directly affected, the integrity compromise could result in incorrect business decisions, regulatory compliance issues, and potential financial losses. Organizations relying heavily on SAP BW for operational reporting and decision-making may experience degraded trust in their data outputs. Additionally, since exploitation requires authenticated access with some privileges, insider threats or compromised credentials could be leveraged to exploit this vulnerability. The absence of known exploits reduces immediate risk, but the broad range of affected versions and the critical role of SAP BW in European enterprises necessitate prompt attention.

To mitigate CVE-2025-42960, European organizations should implement the following specific measures: 1) Conduct a thorough audit of user privileges within SAP BW and SAP BW/4HANA environments to ensure the principle of least privilege is enforced, minimizing the number of users with elevated access rights. 2) Implement strict access controls and monitoring on user table modification operations, including logging and alerting on deletion or modification activities. 3) Review and harden authorization objects and roles related to BEx Tools and SAP BW components to detect and close gaps in authorization checks. 4) Employ multi-factor authentication (MFA) for all SAP BW users to reduce the risk of credential compromise. 5) Monitor SAP security notes and vendor advisories closely for the release of official patches or hotfixes addressing this vulnerability and apply them promptly once available. 6) Use SAP’s Security Audit Log and change management tools to detect anomalous activities indicative of exploitation attempts. 7) Train SAP administrators and security teams on recognizing and responding to potential misuse of authorization privileges. These targeted actions go beyond generic patching advice by focusing on privilege management, monitoring, and proactive detection tailored to the SAP BW environment.