SAP has confirmed active exploitation of a significant vulnerability (CVE-2025-31324) in SAP NetWeaver Visual Composer, allowing unauthorized file uploads via the Metadata Uploader component. Attackers are placing webshells for persistent access, raising threat levels to high. The concern is compounded by reports that these webshells are being sold online. In light of this, SAP strongly urges immediate application of an emergency patch and recommends conducting thorough system checks to mitigate potential abuses. Additional updates for other SAP products have also been released to address various vulnerabilities.
SAP is warning of active exploitation of a critical vulnerability (CVE-2025-31324) in SAP NetWeaver Visual Composer, urging immediate emergency patch installation.
Attackers are placing webshells to maintain persistent access, increasing the threat level as these webshells are now also being sold online.
Collection
[
|
...
]