Oracle Issues Emergency Patch for Critical CVE-2025-61882 Vulnerability Exploited in Cl0p Attacks

Source: The Hacker News

Oracle identified a critical security flaw in its E-Business Suite software, tracked as CVE-2025-61882, with a CVSS score of 9.8. The vulnerability allows unauthenticated attackers with network access via HTTP to potentially compromise and take control of Oracle applications. Exploitation of the flaw has been observed in recent waves of attacks attributed to the Cl0p ransomware group, known for data theft and extortion.

In response, Oracle issued an emergency patch to mitigate the risk and prevent further exploitation. Timely application of this update is crucial as the vulnerability poses a severe threat to organizations using the affected Oracle software. Failure to patch promptly could lead to unauthorized access, data breaches, and significant operational disruption.

The active exploitation of this vulnerability underscores the ongoing cybersecurity challenges faced by enterprise software providers and highlights the need for continuous vigilance and rapid incident response. Organizations should prioritize this patch deployment to protect sensitive data and maintain system integrity.

👉 Read the original: The Hacker News