
"Duhart said the company is aware that some E-Business Suite customers have received extortion emails. "Our ongoing investigation has found the potential use of previously identified vulnerabilities that are addressed in the July 2025 Critical Patch Update," Duhart explained, without naming the potentially exploited flaws. Oracle fixed roughly 200 vulnerabilities with its July 2025 CPU. Nine patches were released for E-Business Suite, including three for flaws that can be exploited remotely without authentication."
"These three vulnerabilities, all rated 'medium severity', are tracked as CVE-2025-30746, CVE-2025-30745 and CVE-2025-50107. Oracle's advisory indicates that user interaction is required for their exploitation. Three vulnerabilities fixed in July in E-Business Suite have been assigned a 'high severity' rating: CVE-2025-30743, CVE-2025-30744, and CVE-2025-50105. While they do not allow remote exploitation without authentication, their exploitation does not require user interaction."
"Google Threat Intelligence Group (GTIG) and Mandiant revealed this week that executives at many organizations using Oracle's E-Business Suite (EBS) enterprise resource planning product have received emails claiming the theft of sensitive information. GTIG and Mandiant researchers have yet to confirm the hackers' claims, but pointed out that the extortion emails claim to come from members of the notorious Cl0p cybercrime group."
Oracle E-Business Suite customers have received extortion emails claiming theft of sensitive information. Security researchers have not independently confirmed the hackers' claims. The extortion messages claim ties to the Cl0p cybercrime group and have been sent from accounts previously linked to FIN11. An investigation found potential use of previously identified vulnerabilities addressed in Oracle's July 2025 Critical Patch Update. Oracle released roughly 200 fixes in that CPU, including nine E-Business Suite patches. Three EBS flaws require user interaction and are medium severity, while three high-severity EBS flaws require authentication but not user interaction.
Read at SecurityWeek