SAP has issued security updates to address a zero-day vulnerability, CVE-2025-42999, affecting NetWeaver servers, which was identified during investigations into previous attacks. Following the patch release on May 12, further investigations revealed ongoing exploitation of vulnerabilities in NetWeaver Visual Composer, particularly CVE-2025-31324. Security companies have noted attacks involving unauthorized file uploads leading to the installation of malicious JSP web shells. Some incidents have been linked to a Chinese hacker group, highlighting the risk to the vulnerable Internet-exposed systems identified at major companies.
SAP has released security updates addressing CVE-2025-42999, a zero-day vulnerability in NetWeaver, to ensure customer protection against ongoing attacks.
Security companies confirm multiple vulnerabilities in SAP NetWeaver Visual Composer, with exploitation observed as hackers place web shells on unpatched systems.