The FBI Cyber Division has posted the following on LinkedIn to emphasize this critical alert and the need to patch and hunt promptly:
Oracle just issued a Security Alert for CVE-2025-61882, a remote code execution vulnerability (CVSS 9.8 – Critical) affecting Oracle E-Business Suite versions 12.2.3 through 12.2.14.
The vulnerability allows unauthenticated attackers to execute code remotely over HTTP without user interaction.
In plain terms: if your EBS environment is reachable on the network, and especially if it’s internet facing, it’s at risk for full compromise.
This is “stop-what-you’re-doing and patch immediately” vulnerability. The bad guys are likely already exploiting it in the wild, and the race is on before others identify and target vulnerable systems.
What to do right now:
1. Apply Oracle’s patch.
2. Confirm you’ve applied the October 2023 Critical Patch Update first — it’s a prerequisite.
3. Isolate or firewall EBS servers so BI Publisher/Concurrent Processing components aren’t network-exposed.
4. Review Oracle’s published IOCs and hunt.
5. Monitor your threat intel feeds — exploit activity could escalate quickly.
Act quickly. Attackers have every incentive to weaponize this one fast. Find CVE info here: https://lnkd.in/e7_Vhr8AAs always, if you suspect compromise, please contact your local FBI field office.
