Oracle released an emergency security update over the weekend to fix a new vulnerability in E-Business Suite (EBS) that could allow remote access by unauthorized attackers.
CVE-2025-61884 is an information disclosure vulnerability in the Runtime UI component, impacting EBS versions 12.2.3 to 12.2.14. It could enable unauthorized attackers to remotely steal sensitive data if exploited.
“This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password. Oracle strongly recommends that customers apply the updates or mitigations provided by this Security Alert as soon as possible,” Oracle said.
“This vulnerability has received a CVSS Base Score of 7.5. If successfully exploited, this vulnerability may allow access to sensitive resources,” added Rob Duhart, Oracle’s Chief Security Officer.
Oracle issued the CVE-2025-61884 patch shortly after a Clop extortion campaign that targeted executives at various companies, a campaign later linked to EBS vulnerabilities patched in July 2025 and to another Oracle EBS vulnerability, CVE-2025-61882.
CrowdStrike reported that it first detected Clop exploiting CVE-2025-61882 in early August during data theft attacks.
WatchTowr Labs security researchers determined that CVE-2025-61882 lets unauthenticated attackers execute code remotely, as shown by a proof-of-concept exploit from May 2025 leaked by the Scattered Lapsus$ Hunters cybercrime group.
The Clop extortion group was responsible for major data thefts involving zero-days in Accellion FTA, GoAnywhere MFT, Cleo, and MOVEit Transfer, which affected more than 2,770 organizations.
Oracle has not tagged the CVE-2025-61884 vulnerability patched over the weekend as exploited in the wild, and has yet to link it to CVE-2025-61882 attacks.
Defenders should urgently apply the out-of-band CVE-2025-61884 patch due to active targeting of internet-facing Oracle EBS instances.