CVE-2025-61757 - PatchNow

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

CVE Published: 2025-10-21

Added to CISA KEV: 2025-11-21 31 DAYS BETWEEN CVE AND KEV

CRITICAL: Check for indicators of compromise - this vulnerability is in CISA KEV indicating active exploitation in the wild. Review logs, check for unauthorized access, verify system integrity
Apply Oracle's security patches immediately for affected versions (12.2.1.4.0 and 14.1.2.1.0)
Monitor REST WebServices endpoints for suspicious authentication bypass attempts
Review access logs for unusual HTTP requests to Identity Manager interfaces
Consider temporarily restricting network access to OIM if immediate patching is not possible
MAXIMUM PATCH PRIORITY - Treat as emergency due to active exploitation and complete system compromise potential

CVE-2025-61757 - Vulnerability Details - OpenCVE
Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager. Successful attacks of this vulnerability can result in takeover of Identity Manager.
Critical Oracle Identity Manager Flaw Possibly Exploited as Zero ...
The vulnerability, tracked as CVE-2025-61757, was disclosed on Thursday by Searchlight Cyber, whose researchers discovered the issue and reported it to Oracle. The security firm described it as a critical pre-authentication remote code execution vulnerability in Oracle Identity Manager.
Known Exploited Vulnerabilities Catalog
CVE-2025-61757 ... Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability: Oracle Fusion Middleware contains a missing authentication ...
CVE-2025-61757 Impact, Exploitability, and Mitigation Steps | Wiz
This indicates the vulnerability is easily exploitable, requires no privileges or user interaction, and can impact all aspects of security - confidentiality, ...
CISA Adds One Known Exploited Vulnerability to Catalog
This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding ...See more

🔴 CVE-2025-61757