Oracle has issued an urgent alert for a critical zero-day vulnerability in its E-Business Suite, allowing remote code execution without authentication. This flaw, identified as CVE-2025-61882, affects versions 12.2.3 to 12.2.14 and has been assigned a CVSS score of 9.8, indicating its severe nature. The vulnerability resides in the Oracle Concurrent Processing BI Publisher Integration component and can be exploited over a network using the HTTP protocol.
Cybersecurity researcher rxerium has released a proof-of-concept detection template, increasing the risk for systems that have not been patched. The detection method involves checking for specific text on the E-Business Suite home page and comparing the Last-Modified header date to October 4, 2025. Systems with earlier dates are flagged as vulnerable.
Oracle’s advisory warns of potential active exploitation, with suspicious IP addresses and malicious command attempts detected. Security teams are advised to search for specific file hashes linked to exploitation attempts. Immediate application of security updates is strongly recommended to protect against potential system compromise. Organizations should prioritize patching and conduct scans to identify vulnerable systems before they are exploited by threat actors.
