cvedb.io
CVE-2022-22528
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2022-02-09T23:15:18.377 · Last modified 2026-06-17T04:28:32.240

Summary

SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The issue is with the ASE installer and does not impact other ASE binaries.

Affected products

sap — adaptive_server_enterprise

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.