—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

CURRENT ACTIVITIES

Threat Actors exploiting Missing Authorization check Vulnerability in SAP NetWeaver (Visual Composer development server)

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

It has been reported that the threat actors are exploiting Missing Authorization check Vulnerability (CVE-2025-31324) in SAP NetWeaver (Visual Composer development server).

Software Affected

SAP NetWeaver (Visual Composer development server) Version – VCFRAMEWORK 7.50

Description

This vulnerability exists due to missing authorization check in SAP NetWeaver Visual Composer Metadata Uploader. An attacker could exploit this flaw to upload potentially malicious executable binaries, which may result in a complete compromise of the affected system.

Note: This vulnerability (CVE-2025-31324) is being exploited in the wild. Users are strongly advised to apply the latest patches immediately.

Solution

Apply appropriate updates as mentioned by the vendor:

https://support.sap.com/en/my-support/knowledge-base/security-notes-news/may-2025.html

Vendor Information

SAP

https://support.sap.com/en/my-support/knowledge-base/security-notes-news/may-2025.html

References

CERT-In

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES02&VLCODE=CIAD-2025-0017

CVE Name

CVE-2025-31324

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmjlGLcACgkQ3jCgcSdc

ys8YqA//bQy1odKNyZOufSE08c3K3Gbifd6Uqjvq0sBCqfM+Xcgh3bnLSBjx71D7

gmEDF6yHQFGSdjWyKGh2ln4o/kaMFS4eeaQF2CYemJW9tNmBSAaPLzaCusix/EWk

A1rrhBSoAhQuMveL/wudCAnb62rixLtzoHE0nMpctC1vOfUoy+4TkVV5PQw0mnu4

4z4g1iAza9GISkSq/+sGzMuzPRCCv5sBjOgOVSb9PBYTaIOhjOCItyyzWU9CoGiE

mQdSqnwXlrkGYjTMEWVuIMEWb5q2AHoE7i/AgUcpgaGqPs0pttVHxRKZdhTO5ADa

zYk15OHQve5w3R9tjxVa5clKz4ZGBdgsthhXYo+fK6P2afD0md3jtjqTwchYaCpL

A+ks6k9ow1HUxcObMGwPV9/E1g4YGy4tvEKaGcNL3EBsYfG0aPLH3OCjoQ56Bd6p

vKXlug7xz424OssU5e7F1lcP4qmgDb0N+PUOD1KD+ZI1FuGP7nyV7xZuZC14EL8z

GMI6Z78RLcxr/vVOZSUmzN35irTYzi85ND7pHFiTULaB3icMTn9e1XM3azU87GNB

mctyURHduKcrTRfPi3uONqvZFl9AmHyaHmWZuJZ7UTPMn30Ox5QkCFlyO50CYiX2

iGpGvRYRasxT7JgOJEDKYlTdZDTd3/jj5iathb6qQOx0P5tmw+s=

=01JK

—–END PGP SIGNATURE—–