Security alert infographic: Cracked Oracle E-Business Suite icon with red HTTP arrow breaching Configurator module, data streams leaking sensitive files; timeline linking to CVE-2025-61882 Cl0p exploits, patch badge urging "Update Now" on enterprise netwo

Oracle disclosed CVE-2025-61884, a high-severity vulnerability (CVSS 7.5) in E-Business Suite's Oracle Configurator, allowing unauthenticated attackers with HTTP network access to compromise the system and gain unauthorized access to critical data. The flaw, remotely exploitable without authentication, affects versions 12.2.3 through 12.2.14. Oracle's Chief Security Officer Rob Duhart noted it impacts some deployments, urging immediate patching to prevent data breaches, though no in-the-wild exploitation is reported.

Security alert infographic: Cracked Oracle E-Business Suite icon with red HTTP arrow breaching Configurator module, data streams leaking sensitive files; timeline linking to CVE-2025-61882 Cl0p exploits, patch badge urging "Update Now" on enterprise netwoSecurity alert infographic: Cracked Oracle E-Business Suite icon with red HTTP arrow breaching Configurator module, data streams leaking sensitive files; timeline linking to CVE-2025-61882 Cl0p exploits, patch badge urging "Update Now" on enterprise netwo

This alert follows Google Threat Intelligence and Mandiant's revelation of CVE-2025-61882 zero-day abuse, where Cl0p-linked hackers targeted dozens of organizations, deploying malware like GOLDVEIN.JAVA, SAGEGIFT, SAGELEAF, and SAGEWAVE via two payload chains. The attacks highlight E-Business Suite's appeal to ransomware groups seeking supply chain footholds.

Security alert infographic: Cracked Oracle E-Business Suite icon with red HTTP arrow breaching Configurator module, data streams leaking sensitive files; timeline linking to CVE-2025-61882 Cl0p exploits, patch badge urging "Update Now" on enterprise netwoSecurity alert infographic: Cracked Oracle E-Business Suite icon with red HTTP arrow breaching Configurator module, data streams leaking sensitive files; timeline linking to CVE-2025-61882 Cl0p exploits, patch badge urging "Update Now" on enterprise netwo

Users should apply Oracle's updates promptly, segment networks to limit HTTP exposure, and monitor for anomalous Configurator activity. With legacy enterprise software under siege, regular vulnerability scans and least-privilege access are essential to mitigate these escalating risks.
 
NPAV offers a robust solution to combat cyber fraud. Protect yourself with our top-tier security product, Z Plus Security