Oct 12, 2025Ravie LakshmananVulnerability / Risk Intelligence
Oracle on Saturday issued a safety alert warning of a recent safety flaw impacting its E-Enterprise Suite that it stated may permit unauthorized entry to delicate information.
The vulnerability, tracked as CVE-2025-61884, carries a CVSS rating of seven.5, indicating excessive severity. It impacts variations from 12.2.3 by means of 12.2.14.
“Simply exploitable vulnerability permits an unauthenticated attacker with community entry through HTTP to compromise Oracle Configurator,” in accordance with an outline of the flaw within the NIST’s Nationwide Vulnerability Database (NVD). “Profitable assaults of this vulnerability can lead to unauthorized entry to essential information or full entry to all Oracle Configurator accessible information.”
In a standalone alert, Oracle stated the flaw is remotely exploitable with out requiring any authentication, making it essential that customers apply the replace as quickly as attainable. The corporate, nonetheless, makes no point out of it being exploited within the wild.
Oracle’s Chief Safety Officer, Rob Duhart, identified that the vulnerability impacts “some deployments” of E-Enterprise Suite and that it may very well be weaponized to permit entry to delicate assets.
The event comes shortly after Google Risk Intelligence Group (GTIG) and Mandiant disclosed that dozens of organizations might have been impacted following the zero-day exploitation of CVE-2025-61882 in Oracle’s E-Enterprise Suite (EBS) software program.
The assaults have been discovered to leverage the vulnerability to set off two completely different payload chains, dropping malware households like GOLDVEIN.JAVA, SAGEGIFT, SAGELEAF, and SAGEWAVE.
Whereas the tech large didn’t particularly attribute the exercise to a selected named menace actor or group, it is believed that the attackers are orchestrated by a hacking group with ties to the Cl0p ransomware group.
