Attackers have been exploiting a critical zero-day vulnerability in the Visual Composer component of the SAP NetWeaver application server since the beginning of this week. SAP released an out-of-band fix that is available through its support portal and should be applied immediately, especially on systems that are directly exposed to the internet.
“Unauthenticated attackers can misuse the underlying functionality to upload arbitrary files to an SAP NetWeaver instance,” the CEO of cybersecurity firm Watchtower told CSO. This means full remote code execution and total system compromise. “This is not a theoretical threat – this is happening right now. Watchtower is seeing active exploitation by threat actors, who are using this vulnerability to drop web shell backdoors on exposed systems and gain further access.”
The flaw, tracked as CVE-2025-31324, received the maximum severity score of 10 on the CVSS scale. Customers should apply the fix in SAP Security Note 3594142 (requires authentication), but if they cannot do so immediately, the vulnerable component must be disabled or stopped by following the instructions in SAP Note 3596125, researchers at SAP-focused security firm Onapsis said in an advisory.