MS-ISAC consultancy number:
2025-044
Published date (s):
04/25/2025
PREVIEW:
Vulnerability has been discovered in SAP Netweaver Visual Composer, which could allow the execution of remote code. SAP Netweaver Visual Composer is a SAPS web software modeling tool. It allows specialists in business processes and developers to create commercial application components, without coding. The successful exploitation of this vulnerability could allow the execution of remote code in the context of the system.
Threat intelligence:
Confirmed Reliaquet and Watchtower at the CVE-2025-31324 are actively exploited in the wild.
RISK:
Government:
Large and medium government entities
Small government
Large and medium business entities
Small business entities
