Critical unauthenticated remote code execution vulnerability in Oracle E-Business Suite Concurrent Processing component accessible via HTTP. Actively exploited by Cl0p ransomware group for data theft attacks with complete system takeover potential.
Data Source: CIRCL
Confidence: HIGH
Exploitation Method: DIRECT_NETWORK
CVE Published: 2025-10-05
Added to CISA KEV: 2025-10-06 1 DAY BETWEEN CVE AND KEV
CVE-2025-61882 is a critical vulnerability affecting Oracle E-Business Suite (EBS), particularly the Concurrent Processing component's BI Publisher Integration [3][1]. Here's what is known about its exploitation:
What is CVE-2025-61882? CVE-2025-61882 (CVSS 9.8) is a Remote Code Execution (RCE) vulnerability in the BI Publisher Integration component of Oracle’s Concurrent Processing module – an integral service within Oracle E-Business Suite that handles automated and background processes. This flaw is remot…
Ivanti's CVE-2025-0282 flaw, exploited by China-linked actors, enables remote code execution.In light of active exploitation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-0282 to the Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to a…
Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integration). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Conc…
Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks.Oracle has linked an ongoing extortion campaign claimed by the Clop…
The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network ...