Start your free trial today.
Protect your organization with cutting-edge cybersecurity solutions designed for resilience and efficiency. Secure your digital assets with confidence.
Your Shield Against Threats
Unleash the Power of Cybersecurity
Boost Your Security, Enhance Your Business
We solve Your Cyber Challenges
Quick Links
Resources
Deepaegis Portals
2025 Deepaegis. All Rights Reserved.
CVE-2025-31324 is a critical zero-day vulnerability in SAP Visual Composer that allows unauthenticated threat actors to upload arbitrary files and gain full control of vulnerable systems. First discovered in the wild in March 2025 and publicly disclosed on April 22, 2025, this vulnerability is being actively exploited, making rapid remediation essential.
Exploitation of CVE-2025-31324 leads to complete system compromise. Attackers can upload webshells or malicious binaries, gaining persistent and unauthenticated access, potentially leading to data theft, ransomware, or lateral movement within enterprise environments.
SAP NetWeaver (Visual Composer)
Affected Version: 7.5 SP < 020
Remediation: Apply SAP Security Note 3604119 released on May 13, 2025, which addresses the root cause (CVE-2025-42999). For systems where patching is not immediately possible, SAP recommends “Option 0” from Note 3593336 — complete removal of the vulnerable sap.com/devserver_metadataupload_ear application.
Exploit Added Date: 3/11/2025
No temporary fixes provided
No recommended security measures provided
No detection methods provided
5/21/2025
5/12/2025
No affected organizations specified
This document contains sensitive information. Unauthorized distribution is prohibited.