URL has been copied successfully!
Exploit weaponizes SAP NetWeaver bugs for full system compromise
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Exploit weaponizes SAP NetWeaver bugs for full system compromise


Tags: , , , , , , ,

Exploit chaining CVE-2025-31324 & CVE-2025-42999 in SAP NetWeaver enables auth bypass and RCE, risking compromise and data theft. A new exploit chaining two vulnerabilities, tracked as CVE-2025-31324 and CVE-2025-42999, in SAP NetWeaver exposes organizations to the risk of system compromise and data theft. CVE-2025-31324 (CVSS score: 10.0) is a missing authorization check in NetWeaver’s Visual Composer […]

First seen on securityaffairs.com

Jump to article: securityaffairs.com/181325/security/exploit-weaponizes-sap-netweaver-bugs-for-full-system-compromise.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Hackers breach Microsoft IIS services using Cityworks RCE bug
  2. April Patch Tuesday news: Windows zero day being exploited, ‘big vulnerability’ in 2 SAP apps
  3. Patch Tuesday for May: Five zero day vulnerabilities CISOs should focus on
  4. Frequently Asked Questions About Iranian Cyber Operations