PT-2025-41705 · Oracle · Oracle Configurator
Published: 2025-10-12 · Updated: 2025-10-15 · CVE-2025-61884
CVSS v3.1: 7.5 (High)
Base vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Oracle E-Business Suite versions 12.2.3 through 12.2.14
Description
An easily exploitable vulnerability exists in the Runtime UI component of the Oracle Configurator product of Oracle E-Business Suite. An unauthenticated attacker with network access via HTTP can compromise Oracle Configurator; no username or password is required. Successful exploitation can result in unauthorized access to critical data or complete access to all data accessible to Oracle Configurator. Reports indicate that similar vulnerabilities have been exploited by Cl0p-linked actors, and a proof-of-concept exploit has been publicly leaked by the ShinyHunters group. Approximately 18,900 vulnerable instances have been identified.
Recommendations
Apply the security updates or mitigations provided by Oracle as soon as possible for all affected versions.
Related Identifiers
CVE-2025-61884
Affected Products
Oracle Configurator