Hackers now exploit critical Oracle E-Business flaw in attacks

Oracle E-Business Flaw Exploited by Hackers, Urgent Patching Recommended

A critical vulnerability in Oracle’s E-Business Suite (EBS) financial application has been discovered to be actively exploited by hackers. According to threat intelligence company Defused, attackers are now using the flaw, tracked as CVE-2026-46817, to take over vulnerable systems with ease.

For those unfamiliar, the Oracle E-Business Suite is a comprehensive financial management system used by numerous organizations worldwide. The vulnerability in question lies within the File Transmission component of Oracle Payments, allowing unauthenticated malicious actors with HTTP network access to gain unauthorized control over affected systems. This exploit can be carried out through low-complexity attacks, making it particularly concerning.

The issue was first identified and patched by Oracle as part of its May 2026 Critical Security Patch Update. The company strongly urged customers to apply these patches immediately to prevent exploitation. Unfortunately, despite this warning, many organizations have yet to take action. Shadowserver, an internet security watchdog group, has tracked over 450 Oracle EBS instances exposed online, with nearly 200 located in the United States and Europe. It remains unclear how many of these systems have already been secured against ongoing attacks.

The exploitation of this vulnerability is particularly noteworthy given the recent history of Oracle-related security incidents. Just last month, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) flagged a high-severity Oracle WebLogic Server flaw that was patched two years ago as actively exploited in attacks. This pattern highlights the importance of timely patching and regular vulnerability assessments.

The Clop extortion gang has previously exploited another Oracle EBS security flaw, demonstrating the severity of these types of vulnerabilities when left unpatched. Given the critical nature of this flaw, it is crucial for organizations using Oracle’s E-Business Suite to take immediate action. This includes verifying the patch status of all systems and ensuring that all necessary updates are applied promptly.

For those responsible for managing IT security, this incident serves as a stark reminder of the importance of regular vulnerability assessments and timely patching. It also underscores the need for robust threat detection and response measures in place to mitigate the effects of such exploits. To stay ahead of emerging threats, it’s essential to prioritize proactive security strategies, including breach and attack simulation testing, to ensure that all layers of protection are functioning as intended.

Practical Takeaway: In light of this development, organizations using Oracle’s E-Business Suite must verify their patch status immediately and apply any necessary updates. Regular vulnerability assessments and robust threat detection measures should also be in place to minimize the risk of exploitation.


Source: Bleeping Computer — 2026-06-29