Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: May 20, 2025

CVE-2025-31324

High
EPSS 35.3% | CISA KEV | Ransomware
SAP/NetWeaver

Description

SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries.

EPSS — Exploit Probability

35.3%

Higher than 97.0% of all CVEs

Required Action

https://me.sap.com/notes/3594142 ; https://nvd.nist.gov/vuln/detail/CVE-2025-31324

Risk Assessment

HIGH
In CISA KEV
Ransomware

Details

Severity: High
EPSS: 35.3%
CISA KEV: Yes
Ransomware: Known
Articles: 1

Timeline

Published: Apr 29, 2025

Added to KEV: Apr 29, 2025

Remediation Due: May 20, 2025

Affected Product

SAP

NetWeaver
