A vulnerability, which was classified as problematic , was found in SAP S4HANA OData Service 4CORE 109 . Affected is an unknown function of the component Manage Reference Equipment . Executing a manipulation can lead to missing authorization. This vulnerability appears as CVE-2026-27677 . The attack may be performed from remote. There is no available exploit. It is advisable to implement a patch to correct this issue.