A vulnerability in Oracle Identity Manager (CVE-2025-61757) has been exploited in the wild before it was patched, raising alarms about cyber threats targeting enterprise systems. The breach could allow attackers to execute remote code and escalate privileges, posing a significant security risk. #CISA #OracleIdentityManager
Keypoints
- The CVE-2025-61757 flaw was exploited as a zero-day before Oracle released a patch in October 2025.
- Searchlight Cyber discovered the vulnerability and provided technical details and proof-of-concept code.
- Attack attempts involving CVE-2025-61757 were observed in honeypot logs from August to September.
- Searchlight Associates attributed some malicious activity to research efforts and organization notifications.
- CISA listed CVE-2025-61757 in its Known Exploited Vulnerabilities (KEV) catalog, urging federal remediation by December 12.