PatchSiren cyber security CVE debrief
CVE-2026-44750 SAP_SE CVE debrief
A vulnerability in SAP MDG (Review Match Groups Application) allows low-privileged users to perform actions restricted to higher-privileged users, resulting in privilege escalation. This has a medium CVSS score of 4.3, with low impact on integrity and no impact on confidentiality or availability.
- Vendor
- SAP_SE
- Product
- SAP MDG (Review Match Groups Application)
- CVSS
- MEDIUM 4.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-09
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-09
Who should care
Administrators and users of SAP MDG (Review Match Groups Application) should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability exists due to a lack of proper authorization checks for authenticated users in SAP MDG (Review Match Groups Application). This allows low-privileged users to perform actions that would otherwise be restricted, leading to privilege escalation.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches or updates provided by SAP to address this vulnerability.
- Restrict access to sensitive areas of the application to only authorized users.
- Monitor user activity and perform regular security audits to detect potential exploitation.
Evidence notes
The CVE record and NVD detail can be found at [cve-org] and [nvd], respectively. Additional information is available at [ref-4] and [ref-5].
Official resources
CVE-2026-44750 was published on 2026-06-09T01:16:46.737Z and modified on 2026-06-09T02:08:28.150Z.