CVE-2025-31324 · CRITICAL 9.8 · CISA KEV · EPSS p99.9%

CVE-2025-31324: SAP NetWeaver Unrestricted File Upload Vulnerability

SAP / NetWeaver

Description

SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries.

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 99.32% probability of exploitation · percentile 99.9% · 2026-06-17T12:03:21Z
Published: 2025-04-24
Last modified: 2025-10-31

CISA KEV entry

Added to KEV: 2025-04-29

Underlying weaknesses · 1

CWE-434

References

  1. https://me.sap.com/notes/3594142
  2. https://url.sap/sapsecuritypatchday
  3. https://onapsis.com/blog/active-exploitation-of-sap-vulnerability-cve-2025-31324/
  4. https://www.bleepingcomputer.com/news/security/sap-fixes-suspected-netweaver-zero-day-exploited-in-attacks/
  5. https://www.theregister.com/2025/04/25/sap_netweaver_patch/
  6. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-31324

1

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Unrestricted Upload of File with Dangerous Type (cwe-434) | 0% | live |

(incoming) · 1

| Type | Target | Confidence | Tier |
|---|---|---|---|
| KEVEntry | SAP NetWeaver Unrestricted File Upload Vulnerability (kev-cve-2025-31324) | 0% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE: SAP NetWeaver Deserialization Vulnerability
  2. CVE: CVE-2025-42922
  3. CVE: CVE-2025-42964
  4. CVE: CVE-2025-42910
  5. CVE: CVE-2025-42980
  6. CVE: CVE-2026-27685

Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.