Oracle Urges EBS Customers to Patch Severe Code Execution Vulnerability
Oracle has issued a critical patch for its E-Business Suite (EBS), addressing a severe vulnerability (CVE-2025-61882) that allows unauthenticated remote threat actors to execute code on affected systems. The patch was released on October 4, 2025, following reports of active exploitation by threat actors, including the Cl0p ransomware group.
The vulnerability resides in the BI Publisher component of Oracle Concurrent Processing. It was first reported to Oracle in early October 2025, with confirmed attacks underway by October 6, 2025. Oracle EBS customers have received extortion emails related to this issue. Arctic Wolf, a cybersecurity firm, strongly recommends customers upgrade to the latest fixed version to mitigate this risk.
The CVE-2025-61882 vulnerability is part of a larger campaign exploiting several EBS vulnerabilities, addressed in Oracle's July 2025 update. A proof-of-concept exploit for this vulnerability has been shared via private Telegram channels, increasing the likelihood of continued targeting by threat actors due to the high level of access it provides.
Oracle EBS customers are urged to apply the October 2023 Critical Patch Update as a prerequisite for these updates and to patch the EBS vulnerabilities addressed in Oracle's July 2025 Critical Patch Update. The ongoing threat and successful data exfiltration by the Cl0p ransomware group highlight the importance of prompt action to protect against potential breaches.
Read also:
- InformationWarfare in the Modern Era: Enhancing an Information Strategy for today's Battlefield and Botnet Threats
- Ukraine's Drone Revolution: Rapid Evolution and Countermeasures
- EU's Energy Infrastructure Under Siege: Cyber Attacks Surge 67% in 2025
- Iranian Hackers Target Global Orgs with DCHSpy Malware via Fake VPNs
