April 25, 2025 By Pierluigi Paganini
A zero-day in SAP NetWeaver is potentially being exploited, putting thousands of internet-facing applications at risk.
Researchers warn that a zero-day vulnerability in SAP NetWeaver, tracked as CVE-2025-31324 (CVSS score of 10/10), is potentially being exploited. Thousands of internet-facing applications are potentially at risk.
The flaw in SAP NetWeaver Visual Composer Metadata Uploader stems from a lack of proper authorization checks. This means that unauthenticated attackers, those without valid credentials, can exploit it to upload malicious executable files to the system.
Once uploaded, these files can be executed on the host system, potentially leading to a full compromise of the targeted SAP environment. SAP addressed the flaw in its April 2025 Security Patch Day release.