Unauthenticated Access Vulnerability in Oracle E-Business Suite - BI Publisher Integration
CVE-2025-61882
Key Information:
- Vendor
Oracle
- Vendor
- CVE Published:
- 5 October 2025
Badges
What is CVE-2025-61882?
CVE-2025-61882 is a critical vulnerability affecting the Oracle E-Business Suite, specifically within the Oracle Concurrent Processing component related to BI Publisher Integration. This vulnerability enables unauthenticated attackers to gain network access via HTTP, allowing them to compromise the functionality of Oracle Concurrent Processing without needing legitimate access credentials. Organizations utilizing the affected versions (12.2.3 to 12.2.14) of the Oracle E-Business Suite face significant risks due to this vulnerability's high CVSS score of 9.8, which highlights its potential to severely impact confidentiality, integrity, and availability of sensitive data and services.
Potential impact of CVE-2025-61882
-
Unauthorized Access: The vulnerability permits attackers to exploit the Oracle Concurrent Processing capabilities without the need for authentication, paving the way for unauthorized actions that could compromise sensitive business data.
-
Data Breach Risks: Given the elevated access levels that can be achieved through this vulnerability, there is a substantial risk of data breaches. Attackers could access, modify, or exfiltrate confidential information stored within the Oracle E-Business Suite, leading to significant financial and reputational damage to affected organizations.
-
System Compromise: Successful exploitation of CVE-2025-61882 could lead to the complete takeover of Oracle Concurrent Processing, resulting in severe operational disruptions, loss of control over critical systems, and the potential for further attacks or deployment of additional malware within the affected environment.
CISA has reported CVE-2025-61882
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-61882 as being exploited and is known by the CISA as enabling ransomware campaigns.
The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
Oracle Concurrent Processing 12.2.3 <= 12.2.14
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
List of Oracle EBS Attack Victims May Be Growing Longer
Evidence suggests that Schneider Electric and others may have fallen prey to zero-day CVE-2025-61882.
2 days ago
Harvard and Envoy Airlines Breached via Oracle’s E-Business Suite Zero-Day Vulnerability - CPO Magazine
Harvard University and Envoy, an American Airlines subsidiary, have confirmed data breaches linked to a zero-day vulnerability CVE-2025-61882 in Oracle’s E-Business Suite software.
2 days ago
Harvard Hit in Oracle Zero-Day Ransomware Attack
Harvard University has confirmed it was breached in a ransomware attack exploiting a critical zero-day vulnerability in Oracle's E-Business Suite (EBS), tracked as CVE-2025-61882. The Clop ransomware group...
1 week ago
References
EPSS Score
79% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 🟡
Public PoC available
- 🥇
Vulnerability reached the number 1 worldwide trending spot
- 📈
Vulnerability started trending
- 👾
Exploit known to exist
- 🦅
CISA Reported
- 📰
First article discovered by BleepingComputer
- 💰
Used in Ransomware
Vulnerability published
Vulnerability Reserved