Skip to main content

CVE-2025-31324 - SAP NetWeaver Visual Composer

Download With Dependencies

This pack handles CVE-2025-31324 - SAP NetWeaver Visual Composer

This pack is part of the Rapid Breach Response pack.

CVE-2025-31324 is a critical zero-day vulnerability in the Metadata Uploader component of SAP NetWeaver Visual Composer. The flaw stems from missing authorization checks, letting unauthenticated attackers upload malicious binaries. Successful exploitation can lead to full remote-code execution (RCE), jeopardising confidentiality, integrity, and availability.

Unauthenticated attackers can upload arbitrary files (for example, JSP web shells) and gain code-execution with the privileges of the SAP application-server process.

References
Unit 42 threat brief
NIST NVD entry

Cortex XDR - CVE-2025-31324 - SAP NetWeaver Visual Composer

PUBLISHER

PLATFORMS

Cortex XSOAR

INFO

CertificationRead more
Supported ByCortex
CreatedJuly 1, 2025
Last ReleaseJuly 1, 2025
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise.