CVE-2025-42999
SAP Visual Composer vulnerability analysis and mitigation

Overview

SAP NetWeaver Visual Composer Metadata Uploader contains a critical vulnerability (CVE-2025-42999) discovered in May 2025. It allows a privileged user holding the VisualComposerUser role to upload untrusted or malicious content which, when deserialized, could lead to a compromise of the confidentiality, integrity, and availability of the host system. The vulnerability affects SAP NetWeaver systems with Visual Composer enabled, a component included by default starting with SAP NetWeaver 2004s (Arctic Wolf, NVD).

Technical details

The vulnerability has been assigned a CVSS v3.1 base score of 9.1 (Critical) with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H, and is classified as CWE-502 (Deserialization of Untrusted Data). The issue stems from insecure deserialization in the Visual Composer component, which can be exploited by users with specific privileges (NVD).

Impact

If successfully exploited, the vulnerability can lead to a complete compromise of the system's confidentiality, integrity, and availability. An attack could allow threat actors to execute arbitrary commands, gain unauthorized access to sensitive data, and compromise the host system. This vulnerability is particularly concerning because it affects a component that is enabled by default in many SAP NetWeaver installations (Arctic Wolf).

Mitigation and workarounds

SAP has released Security Note 3604119 to address this vulnerability. All customers are strongly advised to apply this security note immediately, regardless of whether they have previously implemented Security Note 3594142. The patches included in Security Note 3604119 are cumulative and contain all necessary corrections (Arctic Wolf).

Community reactions

The security community has responded actively to this vulnerability, with multiple security firms including Arctic Wolf, Onapsis, and EclecticIQ providing detailed analysis and threat intelligence. The vulnerability has garnered significant attention due to its critical nature and active exploitation in the wild (Arctic Wolf, Hacker News).

This report was generated using AI.
