<ul><li>A zero-day vulnerability in SAP NetWeaver, tracked as CVE-2025-31324, is potentially being exploited.</li><li>The vulnerability allows unauthenticated attackers to upload malicious executable files to the system.</li><li>Once the files are uploaded, the attackers can execute them on the host system, leading to a full compromise of the SAP environment.</li><li>The vulnerability has been patched by SAP, and researchers recommend applying the patch to mitigate the risk.</li></ul>

SAP NetWeaver zero-day allegedly exploited by an initial access broker

Discover more