Critical Severity Vulnerability
This vulnerability has been rated as Critical severity. Immediate action is recommended.
CVE-2026-0500
Critical
Low
Medium
High
Critical
9.6
CVSS Score
Published: Jan 13, 2026
Last Modified: Jan 13, 2026
Vulnerability Description
Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager (WorkStation), an unauthenticated attacker could create a malicious JNLP (Java Network Launch Protocol) file accessible by a public facing URL. When a victim clicks on the URL the accessed Wily Introscope Server could execute OS commands on the victim's machine. This could completely compromising confidentiality, integrity and availability of the system.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Attack Vector
N
Attack Complexity
L
Privileges Required
N
User Interaction
R
Scope
C
Confidentiality
H
Integrity
H
Availability
H
References & Resources
Severity Details
9.6
out of 10.0
Critical
Key Information
- Published Date
- January 13, 2026
