[Vulnerability Alert] Oracle E-Business Suite Has a Major Security Vulnerability (CVE-2025-61882)

• Subject: [Vulnerability Alert] Oracle E-Business Suite Has a Major Security Vulnerability (CVE-2025-61882)

• Content:
  • Forwarded from Taiwan Computer Network Emergency Response Team/Coordination Center TWCERTCC-200-202510-00000002
  • Oracle has released a major security vulnerability advisory (CVE-2025-61882, CVSS: 9.8). This vulnerability exists in Oracle Concurrent Processing of Oracle E-Business Suite, allowing an unauthenticated attacker to access it via an HTTP network, which may lead to remote code execution. Note: Attacks exploiting this vulnerability have been observed; it is recommended to take temporary mitigation measures as soon as possible to prevent potential attacks targeting this vulnerability.
• Affected Platforms:
  • Oracle E-Business Suite 12.2.3-12.2.14
• Recommended Action:
  • Apply the solution released on the official website for patching: https://www.oracle.com/security-alerts/alert-cve-2025-61882.html
• References:
  1. https://www.twcert.org.tw/tw/cp-169-10418-3bdee-1.html

Computer and Communications Center
Network Systems Group