Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

The Hacker News by The Hacker News
July 3, 2026
Home Cybersecurity
Share on FacebookShare on Twitter


Ravie LakshmananJun 30, 2026Vulnerability / Enterprise Software

A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber.

The vulnerability, tracked as CVE-2026-46817 (CVSS score: 9.8), refers to an improper privilege management and authentication flaw in Oracle Payments that could be abused to take over susceptible instances.

“Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments,” according to a description of the flaw in the NIST National Vulnerability Database (NVD). “Successful attacks of this vulnerability can result in the takeover of Oracle Payments.”

The shortcoming impacts versions from 12.2.3 through 12.2.15. Patches for the flaw were shipped by Oracle as part of its Critical Security Patch Update last month.

CVE-2026-46817 has since come under active exploitation, with Defused Cyber noting on Monday that “over the weekend, we observed an actor exploiting the vulnerability on our Oracle E-Business honeypots,” adding “this vulnerability has no known previous exploitation and no public PoC [proof-of-concept] code exists.”

That said, there are currently no details available on how the security flaw is being exploited, who is behind them, and if it’s part of a broader opportunistic or targeted campaign aimed at unpatched systems.

Late last year, another critical flaw in the same product (CVE-2025-61882, CVSS score: 9.8) was weaponized by threat actors linked to the Cl0p ransomware operation, with early attacks launched as far back as August 2025.

Earlier this month, the company addressed a critical missing authentication zero-day vulnerability in PeopleSoft Suite (CVE-2026-35273, CVSS score: 9.8) that was actively exploited in ShinyHunters (aka SHADOW-AETHER-015) data theft and extortion attacks.

“The notable property of this vulnerability is not its impact, but its near-total lack of observability,” Trend Micro said. “The final code-execution step runs through Java’s XMLDecoder inside the application server’s own Java virtual machine (JVM), fires on a restart rather than on the inbound request, and needs no child process and no outbound beacon to succeed. A defender watching the usual places sees a quiet system.”

Automaker Nissan has since acknowledged that it was among those impacted, stating it was the victim of a break-in that involved the exploitation of the PeopleSoft flaw, potentially exposing payroll records, bank details, Social Security numbers, and other personal and financial data belong to its employees in the U.S., Canada, Mexico, and Brazil.

“What stood out was that CVE-2026-35273 isn’t just another trivial, easy-to-exploit single-request vulnerability,” Jake Knott, principal security researcher at watchTowr, said in a statement. “The attack chain is considerably more involved, combining multiple vulnerabilities to plant a malicious file that doesn’t execute immediately but waits until the server restarts.”

“Where we would normally see simple bugs, this is a chain of multiple vulnerabilities, suggestive of a threat actor with genuine knowledge of and familiarity with the underlying codebase, and the ability to develop targeted capabilities against it.”

Knott also pointed out that threat actors are exploiting vulnerabilities faster than ever before, urging organizations to  assume compromise and activate incident response processes to determine whether access was obtained before patches were applied, what was accessed, and whether persistence was established.



Source link

The Hacker News

The Hacker News

Next Post
Interview: How the CIO of Unilever delivers business empathy | Computer Weekly

Interview: How the CIO of Unilever delivers business empathy | Computer Weekly

Recommended.

National Academy of Sciences endorses embryonic engineering

National Academy of Sciences endorses embryonic engineering

Sceye Completes Historic 12-Day, 6,400 Mile Stratospheric Flight, Advancing a New Layer of Infrastructure for Humanity

Sceye Completes Historic 12-Day, 6,400 Mile Stratospheric Flight, Advancing a New Layer of Infrastructure for Humanity

April 13, 2026

Trending.

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

May 1, 2026
Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
Google’s 0 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

Google’s $750 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

April 24, 2026
ACP CreativIT Rebrands As Tusker, Mounts National Sales Charge, Eyes New Acquisitions

ACP CreativIT Rebrands As Tusker, Mounts National Sales Charge, Eyes New Acquisitions

January 13, 2026
Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

April 23, 2025

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio