CVE-2025-61882 -- CVSS 9.8 Vulnerability Briefing
CVE-2025-61882 | CVSS 9.8 (Critical) | Exploit: PoC available
What Is It
CVE-2025-61882 is a critical unauthenticated remote compromise vulnerability in Oracle Concurrent Processing, specifically within the BI Publisher Integration component of Oracle E-Business Suite versions 12.2.3 through 12.2.14.
Technical Detail
The flaw allows an unauthenticated attacker with network access over HTTP to fully compromise the Oracle Concurrent Processing service, with Oracle's advisory indicating a complete system takeover is achievable. No credentials or prior access are required, and the attack vector is the network, making this remotely exploitable without user interaction. Successful exploitation results in full loss of confidentiality, integrity, and availability, consistent with unauthenticated remote code execution or equivalent control-plane compromise.
Exploitation Status
A proof-of-concept exploit is publicly available. This vulnerability is not currently listed in CISA's Known Exploited Vulnerabilities catalog, meaning active in-the-wild exploitation has not been formally confirmed by CISA as of this writing. However, the combination of a CVSS 9.8 score, no authentication requirement, and public PoC availability significantly elevates the risk of exploitation in the near term.
Who Is Targeting This
No specific threat actor attribution has been confirmed at this time. Oracle E-Business Suite deployments are historically targeted by financially motivated actors and espionage groups due to the sensitive financial, HR, and operational data they process, but no campaigns leveraging this specific CVE have been publicly attributed.
What To Do
Organizations running Oracle E-Business Suite versions 12.2.3 through 12.2.14 should apply Oracle's patch for this vulnerability immediately, treating it as a priority-one remediation given the unauthenticated attack vector and public PoC availability. If patching cannot be completed immediately, restrict network access to the Concurrent Processing service at the perimeter and application firewall level, limiting exposure to trusted internal hosts only. Audit HTTP access logs for anomalous requests targeting BI Publisher Integration endpoints as a detection measure. Confirm patch application through Oracle's standard patch verification procedures and validate that no unauthorized access occurred prior to remediation.
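The log-audit step above, as an added example that is not part of this briefing or of Oracle's guidance: it parses combined-format HTTP access logs and flags requests to BI Publisher Integration paths that come from outside the trusted networks or carry no authenticated identity, which is the unauthenticated vector described here. The path prefix, trusted network, and sample log lines are constructed placeholders to replace with your deployment's values.

```python
import ipaddress
import re

# Constructed assumptions: the briefing names no endpoint paths, so this prefix is a
# placeholder for the BI Publisher Integration paths of your own EBS deployment.
BIP_PATH_PREFIX = "/ebs/bipublisher/"
# Hosts still allowed to reach Concurrent Processing after the perimeter restriction.
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Apache/OHS combined log format; the 3rd field is the authenticated user ("-" if none).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def parse_line(line: str):
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def is_trusted(ip: str) -> bool:
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_NETS)

def audit(lines) -> list[dict]:
    # Keep only BI Publisher requests that are untrusted-origin or unauthenticated.
    findings = []
    for line in lines:
        rec = parse_line(line)
        if not rec or not rec["path"].startswith(BIP_PATH_PREFIX):
            continue
        reasons = []
        if not is_trusted(rec["ip"]):
            reasons.append("untrusted source")
        if rec["user"] == "-":
            reasons.append("no authenticated user")
        if reasons:
            findings.append({**rec, "reasons": reasons})
    return findings

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [06/Oct/2025:10:01:02 +0000] "POST /ebs/bipublisher/placeholder-endpoint HTTP/1.1" 200 512 "-" "curl/8.0"',
    '10.0.5.12 - alice [06/Oct/2025:10:01:05 +0000] "GET /ebs/bipublisher/placeholder-endpoint?id=1 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [06/Oct/2025:10:01:09 +0000] "GET /ebs/home HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '10.0.7.3 - - [06/Oct/2025:10:02:11 +0000] "POST /ebs/bipublisher/placeholder-endpoint HTTP/1.1" 500 88 "-" "python-requests/2.31"',
]
```

Run `audit(SAMPLE_LOG)` against the sample: the external unauthenticated POST and the internal unauthenticated POST are returned, the authenticated internal request and the unrelated path are not.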