Home / News / SAP April 2025 Patch Day elevated NetWeaver CVE-2025-31324 as a critical risk
Enterprise Apps

SAP April 2025 Patch Day elevated NetWeaver CVE-2025-31324 as a critical risk

In SAP Security Patch Day 2025 guidance, CVE-2025-31324 was listed with a CVSS 10.0 score and urgent patching implications.

NEXA Desk 25/04/2025 1 minute read
SAP April 2025 Patch Day elevated NetWeaver CVE-2025-31324 as a critical risk

SAP status

In the SAP Security Patch Day 2025 bulletin, CVE-2025-31324 affecting the SAP NetWeaver Visual Composer development server was listed as a critical risk. The bulletin highlighted a CVSS 10.0 rating and related note updates.

Enterprise impact

For internet-facing SAP systems, this issue is a high-priority item for patch governance and exposure review. Environments running the SAP Java stack should review urgently.

  • CVE-2025-31324 was reported as critical with a CVSS 10.0 score
  • SAP NetWeaver Visual Composer development server was affected
  • Enterprise SAP environments need urgent patch review