Infosecurity-magazine.com

Public Exploit Released for Critical SAP NetWeaver Flaw

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...
Bleeping Computer

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. SAP NetWeaver is the foundation for SAP's business ...
Bleeping Computer

SAP fixes suspected NetWeaver zero-day exploited in attacks

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under ...
Dark Reading

SAP NetWeaver Visual Composer Flaw Under Active Exploitation

Attackers are actively exploiting a recently patched zero-day vulnerability in SAP's NetWeaver Visual Composer Web-based software modeling tool. CVE-2025-31324 is a critical vulnerability with a ...
heise online

SAP Patch Day: NetWeaver vulnerability allows code injection

Admins of SAP installations will have work on Tuesday this week: SAP has released advisories for 15 vulnerabilities in the company's products. Some of these are critical vulnerabilities that allow the ...
heise online

SAP Patchday: NetWeaver products are vulnerable to malware attacks

On Patchday in July, SAP developers closed a total of five "critical" security vulnerabilities. In the worst case scenario, malicious code can compromise systems. So far, there are no indications that ...
it-daily.net

Critical security vulnerability discovered in SAP NetWeaver

Security experts have identified a serious security vulnerability in SAP NetWeaver that allows unauthorized access to company systems. The vulnerability became known in April 2025 and specifically ...