Oracle EBS Customers Urged to Act After Widespread Zero-Day Exploit
Oracle EBS customers are urged to investigate potential breaches following a widespread zero-day exploit. Last Friday, the Scattered Lapsus$ Hunters group leaked on Telegram the Python scripts used in the attacks.
Oracle's Chief Security Officer, Rob Duhart, initially attributed the compromises to customers' failure to apply July 2025 security patches. However, this statement was later removed from Oracle's post. The security advisory now lists IP addresses, files, and commands observed in the attacks, which customers can use for threat detection.
A security researcher has published a Nuclei script to identify Oracle E-Business Suite instances vulnerable to CVE-2025-61882. This script can help customers assess their risk and take necessary actions. In August 2025, the Cl0p extortion gang exploited multiple Oracle EBS vulnerabilities, including the zero-day flaw CVE-2025-61882, to steal large amounts of data from several victims.
Oracle has issued a Security Alert Advisory for CVE-2025-61882, affecting the BI Publisher Integration component of Oracle Concurrent Processing within Oracle E-Business Suite. The vulnerability is easily exploitable by unauthenticated attackers with network access via HTTP, potentially leading to remote code execution. Customers are advised to apply the necessary patches and review their security measures to mitigate potential risks.