
SAP CVE-2025-42977 | EUVD-2025-17605 | HIGH
Path Traversal (CWE-22)
Published 2025-06-10 by cna@sap.com
CVSS 3.1 base score: 7.6

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: Low
Availability: None

Lifecycle Timeline

EUVD ID Assigned: Mar 14, 2026 - 19:49 (euvd), EUVD-2025-17605
Analysis Generated: Mar 14, 2026 - 19:49 (vuln.today)
CVE Published: Jun 10, 2025 - 01:15 (nvd), HIGH 7.6

Description (NVD)

SAP NetWeaver Visual Composer contains a Directory Traversal vulnerability caused by insufficient validation of input paths provided by a high-privileged user. This allows an attacker to read or modify arbitrary files, resulting in a high impact on confidentiality and a low impact on integrity.

Analysis (AI)

SAP NetWeaver Visual Composer contains a directory traversal vulnerability (CWE-22) that allows high-privileged users to bypass path validation controls and read or modify arbitrary files on the system. The vulnerability affects SAP NetWeaver Visual Composer across supported versions and has a CVSS score of 7.6 due to its high confidentiality impact and network-accessible attack vector, though exploitation requires high privileges (PR:H). Exploitation likelihood and KEV/POC status cannot be confirmed from the available data, but the high-privilege prerequisite significantly reduces real-world exploitability compared to what the base CVSS score suggests.

Technical Context (AI)

This vulnerability exists in SAP NetWeaver Visual Composer, a visual development and composition platform for enterprise applications within the SAP NetWeaver ecosystem. The root cause is insufficient input validation (CWE-22: Improper Limitation of a Pathname to a Restricted Directory) in the file path handling logic. When processing file paths provided by high-privileged users (likely administrators or system designers), the application fails to properly normalize and validate input paths, allowing traversal sequences (e.g., '../../../') or absolute path injection to escape the intended directory boundaries. This affects file I/O operations within the Visual Composer's design-time or runtime environment, potentially exposing sensitive configuration files, source code, or system files. The vulnerability is network-accessible (AV:N), suggesting it may be exploitable through web interfaces, but it requires a high privilege level (PR:H) to trigger, limiting the attack surface to authenticated administrative users.
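The missing control described above is a normalize-then-contain check on user-supplied paths. The following is an added illustration written for this page, not SAP code: it contrasts a naive prefix check with a lexical containment check that rejects '../' traversal, absolute path injection, and sibling-directory prefix tricks. The base directory and sample requests are constructed placeholders, and the check is purely lexical (symlinks inside the base are out of scope here).

```python
import posixpath
from typing import Dict, Optional, Tuple

# Constructed placeholder for the application's content root; the real
# Visual Composer layout is not given on the page.
BASE_DIR = "/srv/vc/content"


def naive_allows(user_path: str) -> bool:
    """The kind of check CWE-22 defeats: rejects only a literal leading '../'.

    Kept as the 'before' picture for comparison; it passes embedded traversal
    ('models/../../..') and absolute paths untouched.
    """
    return not user_path.startswith("../")


def resolve_within_base(base_dir: str, user_path: str) -> Optional[str]:
    """Return the absolute target under base_dir, or None if the request escapes it.

    Order matters: reject absolute input first, join to the base, collapse '.'
    and '..' lexically, then confirm containment with commonpath. A plain
    startswith(base) test would wrongly accept a sibling such as
    /srv/vc/content-old, which commonpath does not.
    """
    if not user_path or "\x00" in user_path:
        return None
    # Normalize both separator styles so 'a\\..\\b' cannot hide a traversal.
    candidate = user_path.replace("\\", "/")
    if posixpath.isabs(candidate):
        return None
    base = posixpath.normpath(base_dir)
    resolved = posixpath.normpath(posixpath.join(base, candidate))
    if posixpath.commonpath([base, resolved]) != base:
        return None
    return resolved


# Constructed sample requests: one benign, then traversal, absolute injection,
# backslash-obscured traversal, and a sibling directory sharing the base prefix.
SAMPLES = (
    "models/report.xml",
    "models/../../../etc/passwd",
    "/etc/passwd",
    "models/..\\..\\..\\etc/passwd",
    "../content-old/secret",
)


def audit(samples: Tuple[str, ...] = SAMPLES) -> Dict[str, Tuple[bool, bool]]:
    """Map each request to (naive check verdict, hardened check verdict)."""
    return {p: (naive_allows(p), resolve_within_base(BASE_DIR, p) is not None)
            for p in samples}
```

Run `audit()` to see that only the benign request survives the hardened check, while the naive check waves through four of the five.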

Remediation (AI)

Apply the SAP security patches released for NetWeaver Visual Composer addressing CVE-2025-42977 (specific patch versions are not provided in the source data). Mitigation steps: (1) Consult SAP Security Patch Day announcements and security advisories for patches covering the affected versions; (2) Implement strict access controls limiting Visual Composer administrative accounts to users with legitimate design-time responsibilities; (3) Monitor and audit all file operations initiated by Visual Composer components using file system auditing (Windows Event Log, Linux auditd); (4) Apply the principle of least privilege to the service accounts running Visual Composer, restricting file system access to only the necessary directories; (5) If patching is delayed, disable or restrict network access to Visual Composer design-time interfaces; (6) Review and strengthen authentication mechanisms for Visual Composer administrative interfaces (multi-factor authentication for privileged accounts). Vendor advisory: await the SAP Security Patch Day release notes or search SAP Service Marketplace (support.sap.com) for vulnerability resolution details.

CVE-2025-42977 vulnerability details – vuln.today