THREAT OPS › CVEs › CVE-2025-42999
CVE-2025-42999 — SAP NetWeaver Deserialization Vulnerability
SAP NetWeaver Visual Composer Metadata Uploader contains a deserialization vulnerability that allows a privileged attacker to compromise the confidentiality, integrity, and availability of the host system by deserializing untrusted or malicious content.
Vulnerability details
- Affected productsNetWeaver
- KEV remediation due2025-06-05