Article Details

China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide

Source: The Hacker News
Published: 2025-05-13 15:13
Fetched: 2025-05-13 16:19
Read Original Article

Summary

A critical security flaw in SAP NetWeaver, identified as CVE-2025-31324, is being actively exploited by China-linked advanced persistent threat (APT) groups. This vulnerability, which allows unauthenticated file uploads leading to remote code execution (RCE), has been used to breach 581 critical systems globally. The attacks primarily target critical infrastructure networks, posing significant risks to their operational integrity. EclecticIQ's analysis highlights the strategic nature of these attacks, emphasizing the need for immediate patching and enhanced monitoring of affected systems. The exploitation underscores the persistent threat nation-state actors pose to global cybersecurity, particularly in sectors vital to national security.

LinkedIn Post

🚨 Critical SAP NetWeaver flaw (CVE-2025-31324) exploited by China-linked APTs, breaching 581 critical systems globally. Immediate action required to patch and protect infrastructure. #Cybersecurity #SAP #APT #CriticalInfrastructure #ThreatAlert

Content

A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks. "Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE)," EclecticIQ researcher Arda Büyükkaya said in an analysis published today. Targets of the campaign