CVE-2025-31324

Vulnerability updated 6 months ago (2025-04-25T17:56:34.036Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2025-31324 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 3)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Sap

Vulnerability

Exploit

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The BianLian Threat Actor is associated with CVE-2025-31324. BianLian is a threat actor that has been active in cybercrime, leveraging various techniques for malicious intent. Prior to January 2024, the group used an encryptor (encryptor.exe) that modified all encrypted files to have the .bianlian extension and created a ransom note in each affected directory	Unspecified	2

Source Document References

Information about the CVE-2025-31324 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securelist	2 months ago	Desktop and IoT threat report for Q2 2025
Securelist	2 months ago	Vulnerability landscape analysis for Q2 2025
Securityaffairs	2 months ago	Security Affairs newsletter Round 538 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs	2 months ago	Exploit weaponizes SAP NetWeaver bugs for full system compromise
InfoSecurity-magazine	2 months ago	Public Exploit Released for Critical SAP NetWeaver Flaw
Securityaffairs	3 months ago	Critical SAP flaw exploited to launch Auto-Color Malware attack on U.S. company
InfoSecurity-magazine	3 months ago	Auto-Color Backdoor Malware Exploits SAP Vulnerability
Recorded Future	4 months ago	Smarter Cybersecurity with IPv6: How Drip Architecture Defeats Spray-and-Pray Attacks
Trend Micro	5 months ago	Earth Lamia Develops Custom Arsenal to Target Multiple Industries
Canadian Centre for Cyber Security	5 months ago	Vulnerabilities impacting SAP NetWeaver (CVE-2025-31324 and CVE-2025-42999) - Canadian Centre for Cyber Security
Checkpoint	5 months ago	19th May – Threat Intelligence Report - Check Point Research
InfoSecurity-magazine	5 months ago	SAP Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers
InfoSecurity-magazine	6 months ago	Microsoft Fixes Seven Zero-Days in May Patch Tuesday
Securityaffairs	6 months ago	Security Affairs newsletter Round 523 by Pierluigi Paganini – INTERNATIONAL EDITION
Unit42	6 months ago	Threat Brief: CVE-2025-31324
Securityaffairs	6 months ago	Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324
Securityaffairs	6 months ago	U.S. CISA adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog
CISA	6 months ago	CISA Adds One Known Exploited Vulnerability to Catalog \| CISA
Checkpoint	6 months ago	28th April – Threat Intelligence Report - Check Point Research
InfoSecurity-magazine	6 months ago	SAP Fixes Critical Vulnerability After Evidence of Exploitation