BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

CISA Adds 5 Exploited Vulnerabilities Including Oracle EBS Flaw

CISA Adds Five Actively Exploited Vulnerabilities, Including Critical Oracle E-Business Suite Flaws, to KEV Catalog with Federal Fix Deadline of November 10, 2025

  • CISA included five vulnerabilities in its Known Exploited Vulnerabilities Catalog on October 20, 2025.
  • A new server-side request forgery flaw in Oracle E-Business Suite was confirmed as exploited in real attacks.
  • Two Oracle EBS vulnerabilities, including a critical code execution bug, are actively targeted by attackers.
  • Four additional flaws in Microsoft, Kentico Xperience CMS, and Apple software were also added to the catalog.
  • Federal agencies must fix these vulnerabilities by November 10, 2025, to protect against active exploits.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five security vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog on October 20, 2025. This update includes a newly confirmed exploited flaw in Oracle E-Business Suite (EBS) that threatens sensitive data.

- Advertisement -

Among the added flaws is CVE-2025-61884, a server-side request forgery (SSRF) vulnerability in Oracle Configurator’s Runtime component. It has a severity score of 7.5 and allows remote attackers to access critical data without needing authentication, according to CISA. This vulnerability now joins CVE-2025-61882 (CVSS score 9.8), a severe bug enabling unauthenticated remote code execution in Oracle EBS, both known to be exploited in active attacks.

Earlier this month, the Google Threat Intelligence Group and Mandiant reported targeting of multiple organizations using CVE-2025-61882. Zander Work, a senior security engineer at Google, noted, “It’s likely that at least some of the exploitation activity we observed was conducted by actors now conducting Cl0p-branded extortion operations.”

The other vulnerabilities added by CISA include:
– CVE-2025-33073, an access control flaw in Microsoft Windows SMB Client (CVSS 8.8).
– CVE-2025-2746 and CVE-2025-2747, both authentication bypasses in Kentico Xperience CMS (CVSS 9.8).
– CVE-2022-48503, improper array index validation in Apple’s JavaScriptCore leading to potential code execution (CVSS 8.8).

Fixes for these were previously released by their respective companies in 2022 and 2025. There are no current details on exploitation in the wild for four of these issues.

- Advertisement -

Federal Civilian Executive Branch agencies must remediate these five vulnerabilities by November 10, 2025, to secure their IT systems against ongoing attacks.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

AI freelancers could drive $262B in stablecoin payments by 2033

Swyftx projects that $262 billion of the AI-native gig economy's payment volume could be...

LINE NEXT launches global stablecoin platform Unifi

LINE NEXT has launched Unifi, a non-custodial stablecoin platform, now available globally as it...

Saylor’s ‘Orange Dots’ Signal Fails to Clarify Bitcoin Strategy

Strategy founder Michael Saylor posted a cryptic signal on Sunday, prompting analysts to call...

Crypto’s $2T Crash Awaits BlackRock Shock & FOMO

Bitcoin has stabilized near $60,000 after a downturn erased $2 trillion from the crypto...

Cambridge: Ethereum Energy Intensity Low, Overall Use High

Ethereum consumes roughly 7.87 GWh annually, the second-lowest energy intensity per market value among...

Must Read

How Cryptocurrency Works For Beginners?

Welcome to the world of cryptocurrency! If you're new to this exciting and rapidly evolving landscape, you might feel like Alice in Wonderland, exploring...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading