
Public Exploit Chains Two Critical SAP NetWeaver Flaws, Enabling System Compromise and Data Theft
A newly disclosed public exploit combines two critical vulnerabilities in SAP NetWeaver, posing significant risks to organizations. The exploit chains CVE-2025-31324 and CVE-2025-42999 to bypass authentication and execute remote code, according to SAP security firm Onapsis. CVE-2025-31324 has a CVSS score of 10.0, indicating maximum severity.

SAP NetWeaver is a critical application platform used by many enterprises, making this exploit particularly dangerous. The public availability of the exploit lowers the barrier for attackers, increasing the likelihood of widespread exploitation. Successful exploitation could lead to system compromise and data theft, with severe implications for affected organizations. The chaining of vulnerabilities is a common tactic among advanced attackers, highlighting the importance of understanding and mitigating combined threats. Organizations using SAP NetWeaver should prioritize patching these vulnerabilities to prevent potential breaches.