Just one week ago, SAP defenders were briefed on an active exploitation campaign targeting a critical CVSS 10.0 vulnerability (CVE-2025-31324). The attack campaign was executed against SAP systems around the world. Thanks to rapid response from SAP, a security patch was released quickly. However, the ongoing impact of this orchestrated attack campaign remains far-reaching and the threat of further potential exploitation of this vulnerability is still very much active.
Onapsis in collaboration with Mandiant (part of Google Cloud) invites you to a webinar to discuss the current state of the attack campaign for CVE-2025-31324, including
- Details on the attack campaign
- Further details on the vulnerability, its indicators of compromise, and remediation strategies
- New insights from ongoing research and incident response investigations by the Onapsis Research Labs and Mandiant
- How to best protect your critical SAP assets and your organization.
In the meantime, you can also view our detailed blog around this collaboration to assist defenders with this SAP zero-day.