How severe is CVE-2026-0500?

CVE-2026-0500 has a CVSS v3 score of 9.6 (CRITICAL).

CVE-2026-0500

9.6CRITICAL

Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager (WorkStation), an unauthenticated attacker could create a malicious JNLP (Java Network Launch Protocol) f

Veröffentlicht: 1/13/2026Aktualisiert: 1/13/2026

Beschreibung

Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager (WorkStation), an unauthenticated attacker could create a malicious JNLP (Java Network Launch Protocol) file accessible by a public facing URL. When a victim clicks on the URL the accessed Wily Introscope Server could execute OS commands on the victim's machine. This could completely compromising confidentiality, integrity and availability of the system.

KI-AnalyseKI-gestützt

Referenzen

https://me.sap.com/notes/3668679
https://url.sap/sapsecuritypatchday