CVE-2025-31324 - SAP NetWeaver Visual Composer v1.0.2
This pack handles CVE-2025-31324 - SAP NetWeaver Visual Composer
- Author:
- Cortex XSOAR
- Support:
- xsoar
Case Management
README
This pack is part of the Rapid Breach Response pack.
CVE-2025-31324 is a critical zero-day vulnerability in the Metadata Uploader component of SAP NetWeaver Visual Composer. The flaw stems from missing authorization checks, letting unauthenticated attackers upload malicious binaries. Successful exploitation can lead to full remote-code execution (RCE), jeopardising confidentiality, integrity, and availability.
Unauthenticated attackers can upload arbitrary files (for example, JSP web shells) and gain code-execution with the privileges of the SAP application-server process.
References
Unit 42 threat brief
NIST NVD entry
