
Description

Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integration). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Concurrent Processing. Successful attacks of this vulnerability can result in takeover of Oracle Concurrent Processing. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

In plain language


CVE-2025-61882 is a serious, internet-reachable flaw in Oracle E-Business Suite’s Concurrent Processing (BI Publisher Integration) that lets an attacker take over the service over HTTP without logging in—so most affected small businesses should act urgently.

Executive summary

CVE-2025-61882 is an unauthenticated remote takeover vulnerability in Oracle E-Business Suite Concurrent Processing via the BI Publisher Integration component, triggered through network access over HTTP in supported releases 12.2.3–12.2.14.

If affected, business impact

  - Full takeover of Concurrent Processing
  - Service disruption and outages
  - Loss of confidentiality and integrity
  - Ransomware campaign target

What to do now

  1. Check whether you run Oracle E-Business Suite Concurrent Processing on versions 12.2.3 through 12.2.14 (and whether BI Publisher Integration is in use) and confirm the instance is reachable over HTTP from untrusted networks.
  2. If you are affected, immediately apply Oracle’s remediation from the advisory for CVE-2025-61882 (Oracle Security Alert) and roll the instance forward to the patched level described by Oracle (July 2025 CPU guidance).
  3. If you cannot patch right away, restrict network access so the vulnerable HTTP endpoint is not reachable from the internet or any untrusted network, following Oracle’s mitigation instructions.
  4. Verify externally from a test host that the vulnerable HTTP reachability has been removed and review logs for any related exploit attempts since exposure.
  5. Set a plan to complete the full patch/upgrade rollout and ensure BI Publisher Integration and Concurrent Processing remain covered for future security updates.
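Step 1 asks you to check whether an instance falls inside the affected range 12.2.3 through 12.2.14. The check below is an added example, not code from Oracle or from this site; it compares releases as integer tuples because plain string comparison puts "12.2.14" before "12.2.3". The hostnames and the inventory in the usage block are constructed for illustration. A version outside the range is simply not in the range the advisory lists; the check makes no claim that it is safe.

```python
"""Affected-version check for the release range named in the advisory (added example).

The advisory on this page lists supported versions 12.2.3 through 12.2.14 as
affected. Lexicographic comparison gets this wrong ("12.2.14" < "12.2.3" as
strings), so versions are parsed into integer tuples before comparing.
"""

AFFECTED_MIN = "12.2.3"   # lower bound, from the advisory text on this page
AFFECTED_MAX = "12.2.14"  # upper bound, from the advisory text on this page


def parse_version(version: str) -> tuple:
    """Turn '12.2.14' into (12, 2, 14); rejects non-numeric components."""
    try:
        return tuple(int(part) for part in version.strip().split("."))
    except ValueError as exc:
        raise ValueError(f"not a dotted numeric version: {version!r}") from exc


def is_affected(version: str) -> bool:
    """True when the version lies inside the listed range, inclusive at both ends."""
    v = parse_version(version)
    return parse_version(AFFECTED_MIN) <= v <= parse_version(AFFECTED_MAX)


def triage(inventory: dict) -> list:
    """Return the hosts from a {hostname: version} inventory that fall in the range."""
    return sorted(host for host, ver in inventory.items() if is_affected(ver))


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are hypothetical.
    sample = {
        "ebs-prod-01": "12.2.14",
        "ebs-test-01": "12.2.3",
        "ebs-old-01": "12.1.3",
    }
    print(triage(sample))  # ['ebs-prod-01', 'ebs-test-01']
```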

CVSS Vector Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability
  AV:N  Attack Vector: Network
  AC:L  Attack Complexity: Low
  PR:N  Privileges Required: None
  UI:N  User Interaction: None
Scope
  S:U   Scope: Unchanged
Impact
  C:H   Confidentiality: High
  I:H   Integrity: High
  A:H   Availability: High


Exploitability

CISA Known Exploited Vulnerability
Added to KEV: Oct 6, 2025
Remediation due: Oct 27, 2025
Ransomware: Known ransomware use

Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Official Patch Available

MITRE ATT&CK

2 techniques mapped, under the Initial Access tactic.

