SAP NetWeaver Visual Composer Metadata Uploader High Risk Vulnerability (CVE-2025-31324)
CVE Number = CVE-2025-31324
This vulnerability affects the platform’s Visual Composer. It lets a remote, unauthenticated attacker upload malicious files directly to the system without authorisation.
According to SAP security platform Onapsis, the vulnerability has already been exploited as a zero-day and can give attackers the opportunity to take full control of SAP business data and processes.
A spokesperson on LinkedIn said, “We strongly recommend SAP customers to apply the emergency patch released by SAP earlier today, and assess vulnerable systems for compromise.”
ReliaQuest reported that multiple customers were compromised via unauthorized file uploads on SAP NetWeaver, with the attackers uploading JSP webshells to publicly accessible directories.
This vulnerability impacts the Visual Composer Framework 7.50 and the recommended action is to apply the latest patch.
Security notice – https://me.sap.com/notes/3594142
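
As an added example (not code from SAP, Onapsis or ReliaQuest), the compromise assessment recommended above can start with a sweep of the server's web-accessible directories for JSP files modified after a known-good baseline date, since the reported intrusions dropped JSP webshells there. The function name, the extension list and the directory and date passed in are assumptions of this example; modification times can be altered, so an empty result is not proof of a clean system.

```python
import hashlib
import os
import sys
from datetime import datetime, timezone

# Server-side Java page extensions to flag (assumption of this example).
SUSPECT_EXTENSIONS = {".jsp", ".jspx"}


def find_recent_jsp(web_root, baseline):
    """Return (relative path, UTC mtime, SHA-256) for each JSP-type file
    under web_root modified at or after baseline (timezone-aware datetime)."""
    cutoff = baseline.timestamp()
    hits = []
    for dirpath, _dirs, files in os.walk(web_root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in SUSPECT_EXTENSIONS:
                continue
            path = os.path.join(dirpath, name)
            try:
                mtime = os.lstat(path).st_mtime
                if mtime < cutoff:
                    continue  # present before the baseline, e.g. shipped content
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                continue  # unreadable or removed mid-scan; skip rather than abort
            hits.append((mtime, os.path.relpath(path, web_root), digest))
    # Newest first, so the most recent files are reviewed first.
    hits.sort(reverse=True)
    return [(rel, datetime.fromtimestamp(m, timezone.utc).isoformat(), d)
            for m, rel, d in hits]


if __name__ == "__main__":
    # Usage: script.py <web-accessible directory> <baseline date, YYYY-MM-DD>
    root, day = sys.argv[1], sys.argv[2]
    since = datetime.strptime(day, "%Y-%m-%d").replace(tzinfo=timezone.utc)
    for rel, stamp, digest in find_recent_jsp(root, since):
        print(stamp, digest, rel)
```

Compare each reported hash and path against the files the application legitimately ships before treating a hit as a webshell.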

Blogger at www.systemtek.co.uk