Oracle has swiftly patched another critical vulnerability, CVE-2025-61884, in its E-Business Suite. This fix comes hot on the heels of reports that the notorious hacker group, ShinyHunters, allegedly exploited this flaw to pilfer sensitive corporate data from multiple organizations. This is Oracle’s second patch in recent weeks addressing exploit chains used in ransomware extortion campaigns.
The newly patched vulnerability, discovered in Oracle’s E-Business Suite, is a doozy. It’s remotely exploitable without any authentication, meaning hackers can target it over the network without needing a username or password. If successfully exploited, it could grant access to sensitive resources within the system.
The affected versions range from 12.2.3 to 12.2.14. Oracle, as always, urges customers to stay on actively-supported versions and apply all Security Alerts and Critical Patch Update security patches promptly.
While Oracle’s advisory doesn’t mention ShinyHunters or the recent breaches, our tech-savvy friends at BleepingComputer confirmed that this patch indeed breaks the exploit chain used by the threat actors. This is the second time in recent weeks that Oracle has patched E-Business Suite vulnerabilities allegedly exploited by cybercriminals.
Earlier in October, businesses across the U.S. received extortion emails from ransomware actors known as Cl0p. Initially, Oracle claimed the attackers were exploiting an n-day vulnerability patched earlier. However, it later released a patch for CVE-2025-61882, a bug that allowed unauthenticated attackers to compromise and fully take over the Oracle Concurrent Processing component of E-Business Suite.
Now, with the second patch out, let’s hope these security holes are finally plugged. Stay tuned for more updates!
