Cyber attacks, like other types of security incidents, range dramatically in scope and impact. When defenders are prepared, an incident may be contained, damage limited, and recovery swift. When caught unprepared, a single incident may result in days or weeks of downtime, lost revenue, tarnished reputation, regulatory penalties or class action settlements [1][2]. In May […]
https://www.greenbone.net/wp-content/uploads/Gb_New-logo_horizontal_head.png00Greenbone AGhttps://www.greenbone.net/wp-content/uploads/Gb_New-logo_horizontal_head.pngGreenbone AG2025-05-22 13:01:362025-05-22 13:01:36Greenbone Reduces the Blast Radius of a Cyber Breach
Greenbone AG has been consistently committed to an independent and resilient supply chain for the provision of vulnerability data for many years. Against the background of current discussions on the financing and sustainability of the CVE programme of the US organisation MITRE, we would like to inform you about our measures to ensure the continuous […]
https://www.greenbone.net/wp-content/uploads/Gb_New-logo_horizontal_head.png00Greenbone AGhttps://www.greenbone.net/wp-content/uploads/Gb_New-logo_horizontal_head.pngGreenbone AG2025-05-21 15:34:312025-05-26 10:37:44Availability of CVE Vulnerability Data in Greenbone Products
CVE-2025-31324 (CVSS 9.8), published on April 24th 2025, allows unauthenticated attackers to upload executable files [CWE-434] via the NetWeaver Visual Composer component which can result in Remote Code Execution (RCE). The CVE presents a high degree of risk; many publicly available proof-of-concept (PoC) exploits [1][2][3][4][5] are available, and active attack campaigns have been alerted by […]
Greenbone Reduces the Blast Radius of a Cyber Breach
BlogCyber attacks, like other types of security incidents, range dramatically in scope and impact. When defenders are prepared, an incident may be contained, damage limited, and recovery swift. When caught unprepared, a single incident may result in days or weeks of downtime, lost revenue, tarnished reputation, regulatory penalties or class action settlements [1][2]. In May […]
Availability of CVE Vulnerability Data in Greenbone Products
BlogGreenbone AG has been consistently committed to an independent and resilient supply chain for the provision of vulnerability data for many years. Against the background of current discussions on the financing and sustainability of the CVE programme of the US organisation MITRE, we would like to inform you about our measures to ensure the continuous […]
CVE-2025-31324: An Actively Exploited Flaw Affecting SAP NetWeaver Visual Composer
BlogCVE-2025-31324 (CVSS 9.8), published on April 24th 2025, allows unauthenticated attackers to upload executable files [CWE-434] via the NetWeaver Visual Composer component which can result in Remote Code Execution (RCE). The CVE presents a high degree of risk; many publicly available proof-of-concept (PoC) exploits [1][2][3][4][5] are available, and active attack campaigns have been alerted by […]