The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding active exploitation of a critical vulnerability in Oracle Identity Manager, cataloged as CVE-2025-61757 (CVSS 9.8). This flaw, stemming from missing authentication for a critical function, allows pre-authenticated attackers to compromise affected systems. Organizations are strongly advised to apply available patches and review their identity management security posture.
CISA Alerts to Active Exploitation of Oracle Identity Manager Critical Zero-Day (CVE-2025-61757)
Leave a Reply