Oracle Issues High-Severity Security Alert for E-Business Suite Vulnerability

Oracle on Saturday issued a security alert warning of a newly discovered flaw in its E-Business Suite (EBS) that could allow unauthorized access to sensitive data. The vulnerability, tracked as CVE-2025-61884, carries a CVSS score of 7.5, indicating high severity, and affects versions 12.2.3 through 12.2.14 of the software.

“Easily exploitable vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Oracle Configurator,” according to a description in the National Institute of Standards and Technology’s (NIST) National Vulnerability Database (NVD). “Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Configurator accessible data.”

Oracle emphasized that the flaw is remotely exploitable without requiring authentication, making prompt patching essential. In its alert, the company urged users to apply updates immediately but did not indicate any confirmed exploitation in the wild. Oracle Chief Security Officer Rob Duhart noted that the vulnerability impacts “some deployments” of E-Business Suite and could be weaponized to gain access to sensitive resources.

The alert follows recent disclosures by Google Threat Intelligence Group (GTIG) and cybersecurity firm Mandiant, which reported that dozens of organizations might have been affected by the zero-day exploitation of CVE-2025-61882, another EBS vulnerability. Attackers leveraged that flaw to execute two distinct payload chains, deploying malware families such as GOLDVEIN.JAVA, SAGEGIFT, SAGELEAF, and SAGEWAVE.

While Oracle has not attributed CVE-2025-61884 exploitation to any specific threat actor, cybersecurity experts suspect involvement by a group linked to the Cl0p ransomware organization. The combination of high severity, remote exploitability, and the potential for critical data compromise underscores the urgency for organizations to review their E-Business Suite installations and apply patches without delay.

With E-Business Suite widely used in enterprise environments, the vulnerability represents a significant risk to sensitive business operations. Analysts emphasize that organizations should not only patch affected systems but also monitor for unusual activity indicative of attempted exploitation, particularly in the wake of previous zero-day attacks targeting the platform.
