Mirai Botnet aka Katana – Active IOCs
April 24, 2025AsyncRAT – Active IOCs
April 24, 2025Mirai Botnet aka Katana – Active IOCs
April 24, 2025AsyncRAT – Active IOCs
April 24, 2025Severity
Medium
Analysis Summary
CVE-2025-30732 CVSS:6.1
An unauthenticated vulnerability exists in Oracle Application Object Library within Oracle E-Business Suite. The vulnerability can be easily exploited by an attacker with network access via HTTP. However, successful attacks require human interaction from someone other than the attacker. While the vulnerability is specifically in the Oracle Application Object Library component, it can potentially impact additional products. An attacker could potentially gain unauthorized update, insert, or delete access to certain Oracle Application Object Library data, as well as unauthorized read access to a subset of the system's data. The vulnerability has indicating impacts to confidentiality and integrity.
CVE-2025-30733 CVSS:6.5
An Oracle Database Server vulnerability exists in the RDBMS Listener component. This easily exploitable issue allows an unauthenticated attacker with network access via Oracle Net to potentially compromise the RDBMS Listener. The vulnerability requires human interaction from someone other than the attacker. If successfully exploited, an attacker could gain unauthorized access to critical data or complete access to all RDBMS Listener accessible data.
CVE-2025-30737 CVSS:5.7
Oracle Smart View for Office 24.200 has a vulnerability in its core component that can be challenging to exploit. A high-privileged attacker with network access through HTTP could potentially compromise the product, but this requires human interaction from someone other than the attacker. If successful, the vulnerability could allow unauthorized creation, deletion, or modification of critical data within Oracle Smart View for Office. An attacker might also gain unauthorized access to sensitive information. The vulnerability has impacts to confidentiality and integrity. The CVSS vector details show the vulnerability requires high privileges, some user interaction, and has a network attack vector with high complexity.
CVE-2025-30740 CVSS:6.5
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all JD Edwards EnterpriseOne Tools accessible data.
CVE-2025-30725 CVSS:6.7
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data.
CVE-2025-30726 CVSS:5.3
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Application Object Library accessible data.
CVE-2025-30729 CVSS:5.5
Oracle Communications Order and Service Management have a security vulnerability that can be easily exploited by a low-privileged attacker with network access via HTTP. The vulnerability requires human interaction from someone other than the attacker. If successfully exploited, an attacker could potentially gain unauthorized update, insert, or delete access to some Oracle Communications Order and Service Management data, read unauthorized data, and cause a partial denial of service. The CVSS vector provides additional details about the vulnerability's characteristics, showing it can be accessed network-wide with low complexity, requires low privileges, needs user interaction, and has limited scope with low-level impacts across confidentiality, integrity, and availability.
CVE-2025-30731 CVSS:3.6
Oracle Applications Technology Stack in Oracle E-Business Suite has a vulnerability in its Configuration component. This hard-to-exploit vulnerability allows an unauthenticated attacker with infrastructure logon to compromise the system. The attack requires human interaction from someone other than the attacker. If successfully exploited, the vulnerability could allow unauthorized update, insert, or delete access to some Oracle Applications Technology Stack data, as well as unauthorized read access to a subset of its data.
CVE-2025-30715 CVSS:4.9
A vulnerability exists in Oracle MySQL Server. The issue affects the Server: Components Services component and can be easily exploited by a high-privileged attacker with network access through multiple protocols. An attacker can potentially cause a hang or frequent crash of the MySQL Server, resulting in a complete denial of service (DOS). The CVSS vector indicates a network-based attack with low complexity, requiring high privileges, and having no user interaction, with the potential to significantly disrupt the server's availability.
CVE-2025-30717 CVSS:6.5
An Oracle Teleservice vulnerability exists in Oracle E-Business Suite. The vulnerability is found in the Service Diagnostics Scripts component and can be easily exploited by a low-privileged attacker with network access through HTTP. An attacker can potentially compromise Oracle Teleservice, which may lead to unauthorized access to critical data or complete access to all Oracle Teleservice accessible data.
CVE-2025-30718 CVSS:5.4
A vulnerability exists in Oracle Applications Framework within Oracle E-Business Suite affecting versions 12.2.3 through 12.2.14. The vulnerability involves the Attachments and File Upload component and can be easily exploited by a low-privileged attacker with network access through HTTP. An attacker can potentially compromise the system, leading to unauthorized update, insert, or delete access to certain Oracle Applications Framework data, as well as unauthorized read access to a subset of accessible data, indicating a network-based attack with low complexity and requiring low privileges without user interaction.
Impact
- Gain Access
- Privilege Escalation
- Denial of Service
- Data Manipulation
Indicators of Compromise
CVE
- CVE-2025-30732
- CVE-2025-30733
- CVE-2025-30737
- CVE-2025-30740
- CVE-2025-30725
- CVE-2025-30726
- CVE-2025-30729
- CVE-2025-30731
- CVE-2025-30715
- CVE-2025-30717
- CVE-2025-30718
Affected Vendors
Affected Products
- Oracle Vm Virtualbox - 7.1.6
- Oracle Application Object Library – 12.2.3 – 12.2.14
- Oracle Rdbms Listener – 19.3 – 19.26
- Oracle Rdbms Listener – 21.3 – 21.17
- Oracle Rdbms Listener - 23.4 – 23.7
- Oracle Smart View for Office - 24.200
- Oracle Jd Edwards Enterpriseone Tools - 9.2.0.0 - 9.2.9.2
- Oracle Application Object Library - 12.2.3 - 12.2.14
- Oracle Communications Order And Service Management - 7.4.0
- Oracle Communications Order And Service Management - 7.4.1
- Oracle Communications Order And Service Management - 7.5.0
- Oracle Applications Technology Stack - 12.2.3 - 12.2.14
- Oracle Mysql Server - 8.0.0 - 8.0.41
- Oracle Mysql Server - 8.4.0 - 8.4.4
- Oracle Mysql Server - 9.0.0 - 9.2.0
- Oracle Teleservice - 12.2.3 - 12.2.14
- Oracle Applications Framework - 12.2.3 - 12.2.14
Remediation
Refer to Oracle Security Advisory for patch, upgrade, or suggested workaround information.