Oracle on Saturday issued a security alert warning of a contemporary security flaw impacting its E-Enterprise Suite that it mentioned may enable unauthorized entry to delicate information.
The vulnerability, tracked as CVE-2025-61884, carries a CVSS rating of seven.5, indicating excessive severity. It impacts variations from 12.2.3 by means of 12.2.14.
“Simply exploitable vulnerability permits an unauthenticated attacker with community entry by way of HTTP to compromise Oracle Configurator,” in line with an outline of the flaw within the NIST’s Nationwide Vulnerability Database (NVD). “Profitable assaults of this vulnerability may end up in unauthorized entry to crucial information or full entry to all Oracle Configurator accessible information.”
In a standalone alert, Oracle mentioned the flaw is remotely exploitable with out requiring any authentication, making it essential that customers apply the replace as quickly as potential. The corporate, nevertheless, makes no point out of it being exploited within the wild.
Oracle’s Chief Safety Officer, Rob Duhart, identified that the vulnerability impacts “some deployments” of E-Enterprise Suite and that it could possibly be weaponized to permit entry to delicate sources.
The event comes shortly after Google Menace Intelligence Group (GTIG) and Mandiant disclosed that dozens of organizations could have been impacted following the zero-day exploitation of CVE-2025-61882 in Oracle’s E-Enterprise Suite (EBS) software program.
The assaults have been discovered to leverage the vulnerability to set off two totally different payload chains, dropping malware households like GOLDVEIN.JAVA, SAGEGIFT, SAGELEAF, and SAGEWAVE.
Whereas the tech big didn’t particularly attribute the exercise to a particular named risk actor or group, it is believed that the attackers are orchestrated by a hacking group with ties to the Cl0p ransomware group.
