CVE-2025-61757 PoC
CVE-2025-61757: Unauthorized Access in Oracle Fusion Middleware
Exploitation of CVE-2025-61757 poses a high risk to confidentiality, integrity and availability and "can result in takeover of Identity Manager," according to its CVE description. Taking a closer look at the software running on Oracle Cloud's login host and our customers' attack surfaces, we discovered a pre-authentication RCE vulnerability in Oracle Identity Manager (CVE-2025-61757).

CVE-2025-61757: Critical Pre-Auth RCE in Oracle Identity Manager (IONIX)
The vulnerability, tracked as CVE-2025-61757, was disclosed on Thursday by Searchlight Cyber, whose researchers discovered the issue and reported it to Oracle. The security firm described it as a critical pre-authentication remote code execution vulnerability in Oracle Identity Manager. Searchlight Cyber today released a blog post detailing CVE-2025-61757. Oracle released a patch for the vulnerability as part of its October Critical Patch Update, published on October 21st.

Oracle's advisory text reads: Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager.

CVE-2025-61757 is not just a bug; it is a high-leverage identity-tier compromise route born of a known enterprise Java anti-pattern. The immediate ask is obvious: patch the affected OIM versions and lock down REST management access.

CVE-2025-61757: Oracle Identity Manager RCE
Zero-day exploitation of CVE-2025-61757 was confirmed by SANS Internet Storm Center honeypots between August 30 and September 9, 2025, demonstrating active targeting of vulnerable Oracle Identity Manager instances before patches were available. An attacker who has identified an unpatched Oracle Identity Manager instance crafts a malicious WADL payload that exploits CVE-2025-61757 and sends it via HTTP POST to two known vulnerable URIs. CISA recently added CVE-2025-61757 to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation; the listing highlights a critical flaw affecting Oracle Identity Manager, part of Oracle Fusion Middleware.
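The "known enterprise Java anti-pattern" behind this bug, and the log check a defender would want while patching, as an added example. This code is not from the page, from Searchlight Cyber or from Oracle. It relies on Searchlight Cyber's published finding that OIM's authentication filter exempted any request whose URL ended in `?WSDL` or `;.wadl`; everything else is a constructed assumption for illustration: the `/iam/governance/` protected prefix, the `health` allowlist entry, the `example` endpoint and the access-log lines are not OIM's real endpoints or logs. The vulnerable model decides on the raw URL string; the hardened model canonicalises the path (query and matrix parameters stripped, dot segments resolved) and then consults an explicit allowlist, which is the general fix for this class of bypass.

```python
"""Suffix-based auth-filter anti-pattern (CVE-2025-61757 class) and a log check for it.

Added example, not code from the page, Searchlight Cyber or Oracle. The ";.wadl" and
"?WSDL" suffixes come from Searchlight's write-up; paths and log lines below are
constructed assumptions, not real OIM endpoints or real traffic.
"""
import re
from urllib.parse import unquote, urlsplit

PROTECTED_PREFIX = "/iam/governance/"          # assumed prefix of authenticated REST APIs
PUBLIC_PATHS = {"/iam/governance/health"}      # hypothetical explicit allowlist of public paths
BYPASS_SUFFIXES = ("?WSDL", ";.wadl")          # suffixes the vulnerable filter treated as public


def legacy_filter_requires_auth(raw_url: str) -> bool:
    """Vulnerable behaviour: any URL ending in a 'metadata' suffix skips authentication,
    so an attacker appends ';.wadl' to a privileged REST path and is waved through."""
    if raw_url.endswith(BYPASS_SUFFIXES):
        return False
    return raw_url.startswith(PROTECTED_PREFIX)


def canonical_path(raw_url: str) -> str:
    """Reduce a request URL to the path the handler will actually dispatch on:
    drop the query string, strip matrix parameters (';...') from each segment,
    percent-decode, and resolve '.' and '..' segments."""
    path = unquote(urlsplit(raw_url).path)
    resolved = []
    for segment in path.split("/"):
        segment = segment.split(";", 1)[0]     # '/api;.wadl' -> '/api'
        if segment in ("", "."):
            continue
        if segment == "..":
            if resolved:
                resolved.pop()
            continue
        resolved.append(segment)
    return "/" + "/".join(resolved)


def hardened_filter_requires_auth(raw_url: str) -> bool:
    """Fixed behaviour: decide on the canonical path and an explicit allowlist,
    never on what the raw request string happens to end with."""
    path = canonical_path(raw_url)
    if path in PUBLIC_PATHS:
        return False
    return path.startswith(PROTECTED_PREFIX)


# Common-log-format request line, e.g. '"POST /path HTTP/1.1" 200'
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/[\d.]+" (?P<status>\d{3})')


def find_bypass_attempts(lines):
    """Return (method, url, status) for requests the vulnerable filter would have let
    through unauthenticated but which really target a protected path. A 200 on such a
    request against an unpatched host is the thing to escalate."""
    hits = []
    for line in lines:
        match = LOG_RE.search(line)
        if not match:
            continue
        url = match.group("url")
        if hardened_filter_requires_auth(url) and not legacy_filter_requires_auth(url):
            hits.append((match.group("method"), url, int(match.group("status"))))
    return hits


# Constructed sample access log (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [31/Aug/2025:03:14:07 +0000] "GET /iam/governance/health;.wadl HTTP/1.1" 200 12',
    '10.0.0.9 - - [31/Aug/2025:03:14:09 +0000] "POST /iam/governance/applicationmanagement/api/v1/example;.wadl HTTP/1.1" 200 1290',
    '10.0.0.9 - - [31/Aug/2025:03:14:11 +0000] "GET /iam/governance/applicationmanagement/api/v1/example?WSDL HTTP/1.1" 401 0',
    '10.0.0.7 - - [31/Aug/2025:03:15:00 +0000] "GET /identity/faces/signin HTTP/1.1" 200 4821',
]

if __name__ == "__main__":
    for method, url, status in find_bypass_attempts(SAMPLE_LOG):
        print(f"bypass attempt: {method} {url} -> {status}")
```

The health-check line is not flagged because the canonical path is on the explicit allowlist; the two `example` requests are flagged regardless of status, since a 401 only shows the bypass failed on that host, not that nobody tried. Running the check against OIM access logs for the August 30 to September 9 window the honeypot data points at is the cheapest triage step while the October CPU is rolled out; restricting who can reach the REST management paths at all, as the text advises, removes the attack surface independently of the filter logic.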