Oracle Rushes Out Critical EBS Patch After Clop Ransomware Exploit

Act fast, Oracle EBS customers: A critical patch is out. Clop ransomware exploited a zero-day vulnerability, and the exploit has been leaked.

Oracle has swiftly released a critical software update to address a severe security flaw in its Oracle E-Business Suite (EBS). The patch comes in response to the vulnerability, CVE-2025-61882, being exploited by the notorious Clop ransomware gang. Oracle EBS users are urged to act promptly to safeguard their systems.

The vulnerability, an unauthenticated remote code execution (RCE) issue, affects Oracle EBS versions 12.2.3 to 12.2.14. It allows attackers to gain control of the entire system without needing any user credentials. The exploit has been leaked, increasing the risk to Oracle users worldwide.

The UK's National Cyber Security Centre (NCSC) and Google's Mandiant group have confirmed that the Clop group exploited this zero-day vulnerability as early as August 2025. Oracle provided the fix on October 4, 2025. To secure their systems, Oracle EBS users should install the latest update and reduce their software's internet exposure.

Oracle EBS users must prioritize installing the security update to protect against potential attacks. They should also assess their systems for any signs of unauthorized access, given the exploit's leak and the confirmed zero-day usage. By taking these steps, users can minimize their risk and ensure the security of their Oracle EBS instances.
