New! Try the FREE Predictive Security Plugin for WordPress – Scan, Secure & Stay Safe in Seconds!

Current CyberSecurity Advisories

Critical vulnerability in Oracle E-Business Suite

Release date

07 October 2025

Alert rating

Critical

Description

ASD’s ACSC recommends organisations update affected products to the latest versions and follow the advice detailed in the Oracle Security Advisory.

Audience

Small & medium businessesOrganisations & Critical InfrastructureGovernment

Current update

This alert is intended for a technical audience. It has been written primarily for; but is not limited to, business and government.

Background

Oracle has identified the following vulnerability in Oracle E-Business Suite.
CVE-2025-61882: This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password. If successfully exploited, this vulnerability may result in remote code execution.

The following supported versions of Oracle E-Business Suite are affected by the vulnerability:

Oracle E-Business Suite 12.2.3 – 12.2.14

Mitigation advice

Australian organisations should review their networks for use of vulnerable instances of the Oracle E-Business Suite products, and consult Oracle Security Advisory for mitigation advice.

Where to get help

Organisations that have been impacted, suspect impact or require advice and assistance can contact us via 1300 CYBER1 (1300 292 371).

Source

https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/critical-vulnerability-in-oracle-e-business-suite

Protect your assets with Predictive

🤖 Hello, how can I assist you today?
I can help you with:
✅ Answer questions related to the website.
✅ Help you understand things you don't know.

❓ What's Tisalabs

💻 What's IoT

🔒 Why sensor data must be protected?