SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability

Attackers have been exploiting a critical zero-day vulnerability in the Visual Composer component of the SAP NetWeaver application server since early this week. SAP has released an out-of-band fix, available through its support portal, that should be applied immediately, above all on systems directly exposed to the internet.

“Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full remote code execution and total system compromise,” Benjamin Harris, CEO of cybersecurity firm WatchTowr, told CSO. “This isn’t a theoretical threat — it’s happening right now. WatchTowr is seeing active exploitation by threat actors, who are using this vulnerability to drop web shell backdoors onto exposed systems and gain further access.”

The vulnerability, tracked as CVE-2025-31324, received the maximum CVSS score of 10.0. Customers should apply the fix in SAP Security Note 3594142 (requires authentication); if they cannot do so immediately, they should, as a temporary workaround, disable or block access to the vulnerable component by following the instructions in SAP Note 3596125, researchers from SAP-focused security firm Onapsis said in an advisory.
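The exploitation activity described above ends with a web shell on disk, so the first response step after patching or blocking the component is to look for one. The following is an added Python example written for this page; it is not code from the article, from WatchTowr, Onapsis or SAP. It walks a directory of JSP sources and flags files carrying the hallmarks of a command web shell. It assumes that a dropped backdoor lands as a .jsp file under the AS Java web root (the install path is the operator's to supply; the j2ee/cluster location mentioned in the code is an assumption, not something the article states) and that such a shell wires request parameters into process execution. The indicator regexes and the two fixture files are constructed here for the example.

```python
"""Added example: hunt for JSP web shells under a NetWeaver Java web root.

Assumptions (not from the article): an uploaded backdoor lands as a .jsp
file below the AS Java web root (on many installs somewhere under
/usr/sap/<SID>/<instance>/j2ee/cluster/apps/; path is an assumption) and
exposes command execution through HTTP request parameters.
"""
import os
import re
import sys
import tempfile
import time
from dataclasses import dataclass, field

# Indicator name -> regex. Each is a hallmark of JSP command/upload shells.
INDICATORS = {
    "runtime_exec": re.compile(r"Runtime\.getRuntime\(\)\s*\.\s*exec\s*\("),
    "process_builder": re.compile(r"new\s+ProcessBuilder\s*\("),
    "request_param": re.compile(r"request\.getParameter\s*\("),
    "base64_decode": re.compile(r"Base64\.getDecoder\(\)|BASE64Decoder"),
    "class_loading": re.compile(r"defineClass\s*\(|URLClassLoader"),
    "file_write": re.compile(r"new\s+FileOutputStream\s*\("),
}
# Indicators that justify a finding on their own; the rest need a second hit,
# because request.getParameter alone is common in legitimate pages.
STRONG = {"runtime_exec", "process_builder", "class_loading"}


@dataclass
class Finding:
    path: str
    indicators: list = field(default_factory=list)
    mtime: float = 0.0


def scan_text(text):
    """Return the sorted indicator names present in a JSP/Java source body."""
    return sorted(name for name, rx in INDICATORS.items() if rx.search(text))


def is_suspicious(indicators):
    """A strong indicator alone, or any two indicators together, flag the file."""
    hits = set(indicators)
    return bool(hits & STRONG) or len(hits) >= 2


def scan_tree(root, suffixes=(".jsp", ".jspx", ".java"), newer_than=None):
    """Walk root and return a Finding for every suspicious source file.

    newer_than: optional epoch timestamp; files modified before it are skipped,
    which narrows a hunt to the window in which exploitation was reported.
    """
    findings = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(suffixes):
                continue
            path = os.path.join(dirpath, name)
            mtime = os.path.getmtime(path)
            if newer_than is not None and mtime < newer_than:
                continue
            with open(path, "r", encoding="utf-8", errors="replace") as fh:
                inds = scan_text(fh.read())
            if is_suspicious(inds):
                findings.append(Finding(path, inds, mtime))
    return findings


def build_sample_tree(root=None):
    """Write constructed fixtures: one benign page and one shell-like page.

    Both files are made up for this example; they are not samples from any
    real incident.
    """
    root = root or tempfile.mkdtemp(prefix="nw_sample_")
    os.makedirs(root, exist_ok=True)
    benign = (
        '<%@ page contentType="text/html" %>\n'
        "<html><body>Portal status: <%= new java.util.Date() %></body></html>\n"
    )
    shell_like = (
        '<%@ page import="java.io.*" %>\n'
        '<% String cmd = request.getParameter("cmd");\n'
        "   if (cmd != null) { Runtime.getRuntime().exec(cmd); } %>\n"
    )
    with open(os.path.join(root, "status.jsp"), "w") as fh:
        fh.write(benign)
    with open(os.path.join(root, "helper.jsp"), "w") as fh:
        fh.write(shell_like)
    return root


if __name__ == "__main__":
    # Usage: python hunt_jsp_shells.py /path/to/as-java/web-root
    target = sys.argv[1] if len(sys.argv) > 1 else build_sample_tree()
    since = time.time() - 14 * 86400  # look back two weeks
    for f in scan_tree(target, newer_than=since):
        print(f"{f.path}: {', '.join(f.indicators)} (mtime {time.ctime(f.mtime)})")
```

Run it against the web root of each internet-facing AS Java instance and treat hits as leads rather than verdicts: legitimate administrative pages can match one indicator, which is why a single weak indicator does not flag a file. Pair the file list with modification times since the start of the reported exploitation window, and preserve any flagged file and its timestamps before removing it so the evidence survives for incident response.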
