A critical vulnerability (CVE-2025-61757) in Oracle Identity Manager may have been exploited as a zero-day before its patch release. This flaw allows attackers to execute remote code, bypass authentication, and compromise sensitive systems, posing a serious threat to organizations handling user data. #OracleIdentityManager #ZeroDayExploit
Keypoints
- A critical vulnerability in Oracle Identity Manager was disclosed and promptly patched in October 2025.
- The flaw enables remote attackers to bypass authentication and execute arbitrary code on affected systems.
- Searchlight Cyber and SANS detected signs of attempted exploitation weeks before the patch was released.
- Exploitation attempts involved scanning from a single IP address using POST requests, indicating targeted activity.
- Previous scans from these IP addresses linked to other vulnerabilities like Log4j and Liferay, suggesting ongoing probing by threat actors.
Read More: https://www.securityweek.com/critical-oracle-identity-manager-flaw-possibly-exploited-as-zero-day/