Oracle on Saturday issued a safety alert warning of a recent safety flaw impacting its E-Enterprise Suite that it mentioned might enable unauthorized entry to delicate information.
The vulnerability, tracked as CVE-2025-61884, carries a CVSS rating of seven.5, indicating excessive severity. It impacts variations from 12.2.3 via 12.2.14.
“Simply exploitable vulnerability permits an unauthenticated attacker with community entry through HTTP to compromise Oracle Configurator,” based on a description of the flaw within the NIST’s Nationwide Vulnerability Database (NVD). “Profitable assaults of this vulnerability may end up in unauthorized entry to essential information or full entry to all Oracle Configurator accessible information.”
In a standalone alert, Oracle mentioned the flaw is remotely exploitable with out requiring any authentication, making it essential that customers apply the replace as quickly as attainable. The corporate, nevertheless, makes no point out of it being exploited within the wild.
Oracle’s Chief Safety Officer, Rob Duhart, identified that the vulnerability impacts “some deployments” of E-Enterprise Suite and that it could possibly be weaponized to permit entry to delicate assets.
The event comes shortly after Google Menace Intelligence Group (GTIG) and Mandiant disclosed that dozens of organizations might have been impacted following the zero-day exploitation of CVE-2025-61882 in Oracle’s E-Enterprise Suite (EBS) software program.
The assaults have been discovered to leverage the vulnerability to set off two totally different payload chains, dropping malware households like GOLDVEIN.JAVA, SAGEGIFT, SAGELEAF, and SAGEWAVE.
Whereas the tech large didn’t particularly attribute the exercise to a particular named menace actor or group, it is believed that the attackers are orchestrated by a hacking group with ties to the Cl0p ransomware group.
