Oracle releases emergency patch for new E-Business Suite flaw


Oracle has issued an emergency security update over the weekend to patch another E-Business Suite (EBS) vulnerability that can be exploited remotely by unauthenticated attackers.

Tracked as CVE-2025-61884, this information disclosure flaw in the Runtime UI component impacts EBS versions 12.2.3 to 12.2.14 and could allow unauthenticated threat actors to steal sensitive data remotely following successful exploitation.

“This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password. Oracle strongly recommends that customers apply the updates or mitigations provided by this Security Alert as soon as possible,” Oracle said.

“This vulnerability has received a CVSS Base Score of 7.5. If successfully exploited, this vulnerability may allow access to sensitive resources,” added Rob Duhart, Oracle’s Chief Security Officer.

Oracle released the CVE-2025-61884 patch almost two weeks after a Clop extortion campaign targeting executives at multiple companies, which the company later linked to EBS vulnerabilities patched in July 2025 and then to another Oracle EBS vulnerability now tracked as CVE-2025-61882.

Since then, cybersecurity firm CrowdStrike said it first observed Clop exploiting CVE-2025-61882 as a zero-day in data theft attacks since early August and warned that other threat groups may have also joined the attacks.

watchTowr Labs security researchers have also found that CVE-2025-61882 is a vulnerability chain that can allow unauthenticated attackers to gain remote code execution, as evidenced by a proof-of-concept (PoC) exploit (with a May 2025 timestamp) that was leaked online by the Scattered Lapsus$ Hunters cybercrime gang.

The Clop extortion group was behind other major data theft campaigns targeting zero-days in Accellion FTA, GoAnywhere MFT, Cleo, and MOVEit Transfer, with the latter impacting over 2,770 organizations.

Oracle has not tagged the CVE-2025-61884 vulnerability patched over the weekend as exploited in the wild, and has yet to link it to the CVE-2025-61882 attacks.

However, seeing that internet-facing Oracle EBS instances are actively targeted, defenders are strongly advised to apply the out-of-band CVE-2025-61884 patch as soon as possible.
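As an added example (not code from the article or from Oracle), the following Python triage helper takes an inventory of EBS instances and flags those whose version falls in the affected 12.2.3 to 12.2.14 range, listing internet-facing hosts first so they get the out-of-band patch before internal ones. The inventory rows, hostnames and versions are constructed, and the range check assumes that only the first three version components matter.

```python
"""Triage helper: flag Oracle EBS instances in the affected 12.2.3..12.2.14
range and rank internet-facing ones first.  Added example; the inventory
below is constructed and the hostnames/versions are made up."""

from typing import List, Tuple

# Affected range stated in the advisory (inclusive on both ends).
AFFECTED_MIN = (12, 2, 3)
AFFECTED_MAX = (12, 2, 14)


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '12.2.10' into (12, 2, 10) so comparisons are numeric.
    As strings, '12.2.10' < '12.2.9', which would misclassify hosts."""
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable EBS version: {version!r}")
    return tuple(int(p) for p in parts)


def is_affected(version: str) -> bool:
    """True when the first three components fall within 12.2.3..12.2.14.
    Assumption: anything after the third component (e.g. a hypothetical
    '12.2.14.1') does not move a host out of the affected range."""
    v = parse_version(version)
    if len(v) < 3:
        raise ValueError(f"need at least three version components: {version!r}")
    return AFFECTED_MIN <= v[:3] <= AFFECTED_MAX


def triage(inventory: List[dict]) -> List[dict]:
    """Return the affected instances, internet-facing first, then by hostname."""
    hits = [row for row in inventory if is_affected(row["version"])]
    return sorted(hits, key=lambda r: (not r["internet_facing"], r["host"]))


# Constructed sample inventory; none of these hosts or versions are real.
SAMPLE_INVENTORY = [
    {"host": "ebs-prod-01.example.test", "version": "12.2.12", "internet_facing": True},
    {"host": "ebs-dev-02.example.test", "version": "12.2.3", "internet_facing": False},
    {"host": "ebs-legacy.example.test", "version": "12.1.3", "internet_facing": True},
    {"host": "ebs-new.example.test", "version": "12.2.15", "internet_facing": False},
    {"host": "ebs-uat.example.test", "version": "12.2.14", "internet_facing": True},
]

if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        exposure = "INTERNET-FACING" if row["internet_facing"] else "internal"
        print(f"{row['host']:28} {row['version']:8} {exposure}")
```

Running the script prints the three affected hosts in patch-priority order; in practice the inventory would come from a CMDB or scan export rather than the constructed list above.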
