CVE-2025-42999 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.1 CRITICAL	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
sap	CNA	9.1 CRITICAL	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CISA-ADP	ADP	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 94%

Vendor	Product	Version
sap	netweaver	7.5

𝑥

= Vulnerable software versions

Known Exploits!

https://onapsis.com/blog/active-exploitation-of-sap-vulnerability-cve-2025-31324/

Common Weakness Enumeration

CWE-502 - Deserialization of Untrusted Data
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

Vulnerability Media Exposure

[GERMAN] SAP-Patchday: Kritische Netweaver-Lücke und viele mehr gestopft
Im Mai widmen sich SAPs Entwickler 16 neuen Sicherheitsmitteilungen. Eine behandelt eine kritische Lücke in Netweaver.
Published: 2025-05-13T12:36:00+00:00
[ENGLISH] China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks. "Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE)," EclecticIQ researcher Arda Büyükkaya said in an analysis published today. Targets of the campaign
Published: 2025-05-13T20:43:00+05:30
[ENGLISH] BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan
At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver tracked as CVE-2025-31324, indicating that multiple threat actors are taking advantage of the bug. Cybersecurity firm ReliaQuest, in a new update published today, said it uncovered evidence suggesting involvement from the BianLian data extortion crew and
Published: 2025-05-14T23:20:00+05:30
[GERMAN] Warnung vor Angriffen auf neue SAP-Netweaver-Lücke, Chrome und Draytek-Router
Die US-amerikanische IT-Sicherheitsbehörde CISA warnt vor Angriffen auf eine neue SAP-Netweaver-Lücke sowie auf Chrome und Draytek-Router.
Published: 2025-05-16T06:27:00+00:00
[GERMAN] Update für kritische NetWeaver-Schwachstelle
Kunden, die SAP NetWeaver einsetzen, sollten sich das Update zur Zero-Day-Schwachstelle ansehen, die im April geschlossen wurde. Außerdem gibt es eine weitere kritische Sicherheitslücke in der Lösung, für die SAP im Patchday Updates veröffentlicht.
Published: 2025-05-19T07:00:00+02:00
[ENGLISH] ⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More
Cybersecurity leaders aren’t just dealing with attacks—they’re also protecting trust, keeping systems running, and maintaining their organization’s reputation. This week’s developments highlight a bigger issue: as we rely more on digital tools, hidden weaknesses can quietly grow.  Just fixing problems isn’t enough anymore—resilience needs to be built into everything from the ground up.
Published: 2025-05-19T15:30:00+05:30

References

https://me.sap.com/notes/3604119

https://url.sap/sapsecuritypatchday

https://onapsis.com/blog/active-exploitation-of-sap-vulnerability-cve-2025-31324/