Alert: Active Exploitation of Oracle E-Business Suite Vulnerability (CVE-2025-61882)
A critical vulnerability (CVE-2025-61882, CVSS 9.8) in Oracle E-Business Suite is being actively exploited worldwide by the Cl0p ransomware group. The flaw allows unauthenticated remote code execution, enabling attackers to compromise affected systems.
Affected Systems:
Oracle E-Business Suite versions 12.2.3 to 12.2.14.
Security Risks
Successful exploitation can let attackers take full control of the system, access sensitive information, disrupt operations, and compromise the security and reliability of affected systems.
Recommended Actions
The National Cyber Security Authority (NCSA) strongly recommends that system administrators to: