Rewterz

Ivanti Patches 13 Endpoint Manager RCE Flaws

October 14, 2025
Rewterz

Astaroth Banking Trojan Exploits GitHub to Stay Active After Takedowns – Active IOCs

October 14, 2025

Multiple Oracle E-Business Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-61884 CVSS:7.5

Oracle E-Business Suite could allow a remote attacker to obtain critical data information, caused by improper authorization validation. An attacker could exploit this vulnerability using HTTP to gain complete access to all Oracle Configurator accessible data.

CVE-2025-61882 CVSS:9.8

Oracle E-Business Suite could allow a remote attacker to execute arbitrary code on the system, caused by an error in the BI Publisher Integration component. An attacker could exploit this vulnerability using HTTP to compromise and take control of the Oracle Concurrent Processing component and execute arbitrray code on the system.

Impact

  • Code Execution
  • Information Disclosure

Indicators of Compromise

CVE

  • CVE-2025-61884

  • CVE-2025-61882

Affected Vendors

Oracle

Affected Products

  • Oracle E-Business Suite 12.2.3
  • Oracle E-Business Suite 12.2.14

Remediation

Refer to Oracle Security Alert Advisory - for patch, upgrade, or suggested workaround information.

CVE-2025-61884

CVE-2025-61882

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.