A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks.
"Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE)," EclecticIQ researcher Arda Büyükkaya said in an analysis published today.
Targets of the campaign



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/05/china-linked-apts-exploit-sap-cve-2025.html