- Description: SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.
- Source: cna@sap.com
- NVD status: Analyzed
CVSS 3.1
- Type: Secondary
- Base score: 9.1
- Impact score: 6
- Exploitability score: 2.3
- Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
Data from CISA
- Vulnerability name: SAP NetWeaver Deserialization Vulnerability
- Exploit added on: May 15, 2025
- Exploit action due: Jun 5, 2025
- Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- cna@sap.com: CWE-502
- Hype score: Not currently trending
⚠️ New threat advisory: SAP zero-days CVE-2025-31324 & CVE-2025-42999 are under active exploitation. Dave DeWalt (@nightdragon) called them among the most serious SAP threats in years. Get intel, IOCs & IR guidance → https://t.co/uTbBHPIoAI #SAPSecurity #CVE2025
@onapsis
23 May 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilities impacting SAP NetWeaver (CVE-2025-31324 and CVE-2025-42999) https://t.co/DNjFh87FE7 https://t.co/ft6XgGhEwV
@djhsecurity
21 May 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The main threat centers on two critical vulnerabilities in SAP systems: CVE-2025-31324 and CVE-2025-42999. https://t.co/lNbXfTukiq #alertasdeciberseguridad #Ataquesciberneticos #BarracudaNetworks #Ciberseguridad #Firewall #SAP https://t.co/BBh316TicY
@Cobra_Networks
19 May 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-42999 (CVSS:9.1, CRITICAL) is Analyzed. SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious c..https://t.co/JVQoejyoGK #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
18 May 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a zero-day. The company issued security updates for this security flaw (CVE-2025-42999) on Monday May 12. https://t.co/nWxJccnpLr https://t.co/dRqiFUujcl
@riskigy
16 May 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SAP Issues Emergency Patches for Second Zero-Day Vulnerability! SAP has released critical security updates to patch a second zero-day vulnerability (CVE-2025-42999) affecting NetWeaver servers. This issue was discovered during a broader investigation into previous attacks https:
@ChbibAnas
15 May 2025
27 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Microsoft Patch Tuesday: 78 Flaws, 5 Zero-Days Exploited! 🔍 28 RCE, 20 EoP bugs fixed 🔐 SAP NetWeaver critical flaw (CVE-2025-42999) patched Patch NOW: ✅ CVE-2025-30400 (Win DWM Core) ✅ CVE-2025-29813 (Azure, CVSS 10.0) 🛡️ Protect your systems #PatchTuesday #
@CyberWolfGuard
15 May 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SAP fixes vulnerability exploited in zero-day attacks (CVE-2025-42999) #セキュリティ対策Lab #セキュリティ #Security https://t.co/eU7h11mTd1
@securityLab_jp
15 May 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SAP Patches Second Zero-Day Under Active Exploitation CVE-2025-42999 lets attackers upload web shells & run commands without login. Over 2,000 systems at risk—patch ASAP. https://t.co/niQDeHBYhA #SAP #ZeroDay #CyberSecurity https://t.co/JsUp1pW53Y
@dCypherIO
14 May 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-42999: Deserialization of Untrusted Data in SAP NetWeaver, 9.1 rating 🔥 Vuln in SAP NetWeaver allows a privileged attacker to upload arbitrary content. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/QB2bUdSilo #cybersecurity #vulnerability_map https://t
@Netlas_io
14 May 2025
632 Impressions
5 Retweets
11 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨SAP Zero-Day Alert! SAP patches another zero-day (CVE-2025-42999) in NetWeaver after active attacks. Over 2,000 servers exposed, 474 compromised. ⚠️ Apply patches now. Disable Visual Composer. Monitor for suspicious activity. #cybersecurity #SAP #Zeroday #TechpostAi ht
@TechPostAI
14 May 2025
42 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 URGENT UPDATE: Another SAP flaw under active exploitation! CVE-2025-42999 (CVSS 9.1) is now confirmed actively exploited — allows attackers to execute commands via insecure deserialization in NetWeaver. 🛠 Patch now: SAP Note 3604119 Read: https:... https://t.co/X8IpH
@IT_news_for_all
14 May 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 URGENT UPDATE: Another SAP flaw under active exploitation! CVE-2025-42999 (CVSS 9.1) is now confirmed actively exploited — allows attackers to execute commands via insecure deserialization in NetWeaver. 🛠 Patch now: SAP Note 3604119 Read: https://t.co/g1JwIenCu3 http
@TheHackersNews
14 May 2025
10602 Impressions
45 Retweets
94 Likes
8 Bookmarks
0 Replies
1 Quote
🚨 Fortinet fixes zero-day exploited in attacks on FortiVoice systems: CVE-2025-32756 ⚠️ SAP patches second zero-day exploited in recent attacks: CVE-2025-42999 ~Cyber Alert, May 14~ https://t.co/0k8zbEeOq8 #セキュリ
@MachinaRecord
14 May 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SAP fixes second zero-day vulnerability exploited in recent attacks (CVE-2025-42999, CVE-2025-31324) https://t.co/mnS0LlmVgw #Security #セキュリティ #ニュース
@SecureShield_
14 May 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SAP patches two critical vulnerabilities (CVE-2025-31324 & CVE-2025-42999) exploited in recent zero-day attacks to upload web shells & backdoors. Organizations must update SAP NetWeaver now. 🚨 #SAP #CyberThreats #Germany https://t.co/WkjQyqSzYK
@TweetThreatNews
13 May 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SAP has issued patches for CVE-2025-42999 in NetWeaver servers after zero-day attacks, urging users to install them. Investigations revealed unauthorized uploads linked to a Chinese actor, with over 2,040 exposed servers identified. #Security https://t.co/gEysMXna2D
@Strivehawk
13 May 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ SAP security update ❗CVE-2025-42999 ❗CVE-2025-30018 ❗CVE-2025-43010 ❗CVE-2025-43000 ❗CVE-2025-43011 ➡️ More info: https://t.co/FYfAYEsdyL https://t.co/PRTHNHg1wY
@CERTpy
13 May 2025
127 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-42999 SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potenti… https://t.co/L90EIudb71
@CVEnew
13 May 2025
450 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-42999: CRITICAL] Update SAP NetWeaver Visual Composer Metadata Uploader to avoid a security flaw. Careful with untrusted uploads, protect confidentiality, integrity, and availability.#cve,CVE-2025-42999,#cybersecurity https://t.co/WgY9qeO1fO https://t.co/YXaa5SLEdW
@CveFindCom
13 May 2025
74 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:sap:netweaver:7.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74F7C92A-48F7-456A-BDFF-91A482DE8546"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]