CVE-2025-42999 Information

Description

SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which when deserialized could potentially lead to a compromise of confidentiality integrity and availability of the host system.

Reference

https://me.sap.com/notes/3604119 https://onapsis.com/blog/active-exploitation-of-sap-vulnerability-cve-2025-31324/ https://url.sap/sapsecuritypatchday https://url.sap/sapsecuritypatchday