Protera Blog Responding to SAP Zero-Day CVE-2025-31324: A Case Study

When the critical SAP NetWeaver Visual Composer vulnerability CVE-2025-31324 was disclosed, prompt action was essential. This vulnerability, assigned a perfect Common Vulnerability Scoring System (CVSS) score of 10.0, involved a missing authorization check in the Metadata Uploader component, allowing unauthenticated attackers to upload malicious files and execute arbitrary code on unprotected systems. With confirmed active exploitation in the wild, this article outlines the methodical response undertaken by Protera teams to address this severe threat for managed SAP environments.