Oracle · BI Publisher · CVE-2025-61882
**Name of the Vulnerable Software and Affected Versions**
Oracle E-Business Suite versions 12.2.3 through 12.2.14
**Description**
Oracle E-Business Suite is affected by a critical remote code execution (RCE) vulnerability (CVE-2025-61882). The flaw allows unauthenticated attackers to execute arbitrary code, potentially leading to full system compromise and data theft. The vulnerability is actively exploited by the Cl0p ransomware group. Exploitation involves bypassing authentication through the BI Publisher Integration component, using server-side request forgery (SSRF), CRLF injection, and XSLT template manipulation. A public proof-of-concept exploit is available. Multiple organizations have been impacted, with reports of data exfiltration and extortion attempts. Indicators of compromise (IOCs) have been shared by security researchers.
**Recommendations**
Oracle E-Business Suite versions 12.2.3 through 12.2.14: Apply the security patch released by Oracle immediately.