AL25-013 – Vulnerability Impacting Oracle E-Business Suite - CVE-2025-61882

AL25-013 – Vulnerability impacting Oracle E-Business Suite - CVE-2025-61882

Open the article to view the coverage from Malware Analysis, News and Indicators

Cl0p Ransomware Exploits Oracle EBS Zero-Day for Data Theft and Extortion

In the ever-evolving realm of cybersecurity threats, a critical vulnerability in Oracle’s E-Business Suite (EBS) has thrust the enterprise software giant into the spotlight, as the notorious Cl0p ransomware group exploits it for data theft and extortion campaigns. The flaw, tracked as CVE-2025-61882 with a CVSS score of 9.8, allows unauthenticated remote code execution, enabling attackers to infiltrate systems without credentials. This zero-day …

Cl0p Ransomware Actively Exploiting Oracle E-Business Suite 0-Day - Cybernoz - Cybersecurity News

The notorious Cl0p ransomware group has been actively exploiting a critical zero-day vulnerability in Oracle’s E-Business Suite (EBS), targeting enterprise customers through CVE-2025-61882. This sophisticated attack campaign has prompted Oracle to issue an emergency security advisory after reports surfaced that multiple organizations received extortion emails from the threat actors. Critical Zero-Day Vulnerability Exposed Oracle confirmed the ex…

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

CrowdStrike将Oracle E-Business Suite的安全漏洞CVE-2025-61882（CVSS 9.8）归因于Graceful Spider（Cl0p），该漏洞允许远程代码执行。攻击者通过HTTP请求绕过认证并上传恶意模板以执行代码。CISA已将其加入已知被利用漏洞目录，并敦促修复以应对潜在攻击。