CVE-2025-61882 – is a critical, pre-authentication remote code execution (RCE) in Oracle E-Business Suite (EBS) – specifically affecting the Oracle Concurrent Processing component (BI Publisher integration). An unauthenticated attacker reachable over HTTP can exploit the flaw to run arbitrary code on the server.

Affected :

• Oracle E-Business Suite 12.2.3 through 12.2.14. Treat any internet-facing EBS instances in these versions as high priority for remediation.

How attackers exploit this vulnerability (attack vector)

Remote, unauthenticated HTTP: attackers send specially crafted HTTP request to the vulnerable BI Publisher / Concurrent Processing endpoint to trigger the RCE.In the wild / active exploitation: multiple reports and threat-intel vendors have observed active campaigns and leaked exploit script tied to this CVE

CERTVU recommend:

1. Immediate Patching - Apply Oracle’s emergency Security Alert / patches for CVE-2025-61882 for all affected EBS versions.
2. If for some reasons you cannot block immediately:
   • Block/limit HTTP access to EBS (especially the Concurrent Processing / BI Publisher endpoints) at the network parameter – restrict to trusted Ips and VPN only.
   • Apply WAF /IPS Rules to block unknown exploit patterns and enable vendor/IDS signatures the reference this CVE.
   • Isolate any internet-facing EBS host