Security Flaw in Oracle E-Business Suite Components
CVE-2025-61884
Key Information:
- Vendor: Oracle
- CVE Published: 12 October 2025
What is CVE-2025-61884?
CVE-2025-61884 is a security vulnerability in Oracle E-Business Suite, specifically in the Oracle Configurator component, which manages complex product configurations and offerings for enterprises. The vulnerability is a serious risk to organizations because it allows an unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful exploitation could give the attacker unauthorized access to critical data or complete access to all data reachable through Oracle Configurator. The vulnerability has been assigned a CVSS 3.1 base score of 7.5, a high severity driven primarily by its impact on confidentiality.
Potential impact of CVE-2025-61884
- Unauthorized Data Access: The vulnerability may allow attackers to access critical and confidential data, leading to potential data breaches that could expose sensitive business information.
- System Compromise: Successful exploitation may also grant complete control over the Oracle Configurator component, allowing malicious actors to manipulate configurations, disrupt operations, or launch further attacks on integrated systems.
- Reputational Damage: Organizations affected by this vulnerability may face significant reputational harm if sensitive data is compromised, leading to loss of customer trust and potential legal ramifications.
CISA has reported CVE-2025-61884
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2025-61884 as being exploited in the wild; CISA also lists it as known to be used in ransomware campaigns.
CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
Oracle Configurator 12.2.3 through 12.2.14 (12.2.3 <= version <= 12.2.14)
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which can lead to ransomware.
News Articles
- CISA: Oracle vulnerability is being actively exploited. CISA forces federal organizations to install Oracle patch for actively exploited SSRF vulnerability. Oracle does not confirm exploitation.
- US cyber agency adds 5 known exploited vulnerabilities to KEV listing. Multiple Apple products and Oracle's E-Business Suite feature in CISA's latest addition to the KEV catalogue.
- CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw. CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited Vulnerabilities catalog.
EPSS Score
34% chance of being exploited in the next 30 days.
CVSS V3.1 base score: 7.5
Timeline
- 💰 Used in Ransomware
- 👾 Exploit known to exist
- 🦅 CISA Reported
- 🥇 Vulnerability reached the number 1 worldwide trending spot
- 📈 Vulnerability started trending
- 🟡 Public PoC available
- 📰 First article discovered by Help Net Security
- Vulnerability published
- Vulnerability reserved