SAP

German software giant SAP's widely used SAP NetWeaver was exploited through a critical vulnerability in its Visual Composer development server. The vulnerability enabled an unauthenticated attacker to upload potentially harmful executable binaries, a compromise that could significantly affect the confidentiality, integrity, and availability of the targeted system. The vulnerability was detected in April 2025, and SAP assigned it the highest severity score, 10.0 (CVSS v3.1). Although SAP quickly released an emergency fix, systems running the latest SAP service pack had already been exploited, indicating a zero-day attack.

Source: https://www.infosecurity-magazine.com/news/sap-fixes-critical-vulnerability/

TPRM report: https://scoringcyber.rankiteo.com/company/sap

"id": "sap758042625",
"linkid": "sap",
"type": "Vulnerability",
"date": "4/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Information Technology',
                        'location': 'Germany',
                        'name': 'SAP',
                        'type': 'Software Company'}],
 'attack_vector': 'Unauthenticated upload of executable binaries',
 'date_detected': 'April 2025',
 'description': "A critical vulnerability in SAP NetWeaver's Visual Composer "
                'development server allowed an unauthenticated attacker to '
                'upload potentially harmful executable binaries, affecting the '
                'confidentiality, integrity, and availability of the targeted '
                'system.',
 'impact': {'systems_affected': ['Systems running the latest SAP service '
                                 'pack']},
 'response': {'remediation_measures': ['Emergency fix released by SAP']},
 'title': 'SAP NetWeaver Visual Composer Vulnerability Exploitation',
 'type': 'Zero-day attack',
 'vulnerability_exploited': 'Critical vulnerability in SAP NetWeaver Visual '
                            'Composer development server'}