Oracle Releases Emergency Fix for High-Severity Vulnerability in E-Business Suite
🎙️ Paranoid Newscast
On October 11, 2025, Oracle released an emergency fix for a high-severity information disclosure vulnerability in Oracle E-Business Suite (EBS), tracked as CVE-2025-61884. The flaw exists in the Runtime UI component of Oracle Configurator and allows remote unauthenticated threat actors to access sensitive resources. Oracle has not confirmed a link between this vulnerability and the extortion emails received by some Oracle EBS customers from the Cl0p ransomware group in recent weeks. At the time of writing, Oracle has not indicated that this vulnerability has been exploited in the wild, and Arctic Wolf has not identified a publicly available proof-of-concept exploit. Given historical targeting and the recent Cl0p ransomware activity, threat actors are likely to express interest and attempt exploitation in the near future.
Recommendation for CVE-2025-61884: Upgrade to Latest Fixed Version. Arctic Wolf strongly recommends that customers upgrade to the latest fixed version.
Product: Oracle E-Business Suite
Affected Versions: 12.2.3 – 12.2.14
Fixed Version: Patch Availability Document
Please follow your organization’s patching and testing guidelines to minimize potential operational impact.
References: Oracle CVE-2025-61884 Advisory