A serious cybersecurity warning has been issued after a newly discovered Oracle E-Business Suite vulnerability left key government and military systems exposed to full takeover attacks. The National Cyber Emergency Response Team has urged immediate action as hackers actively exploit the flaw.
National CERT confirmed that government departments, military institutions, and critical infrastructure bodies are at high risk due to an unpatched weakness in Oracle E-Business Suite, a platform widely used for finance, HR, procurement, and supply chain operations. The vulnerability allows attackers to break into systems without needing a password, raising fears of data theft, system disruption, and operational shutdowns.
The cyber advisory states that the flaw, catalogued as CVE-2025-61882 with a critical severity score of 9.8, is already being targeted by hackers attempting unauthorized access and extortion.
“This vulnerability is being exploited in the wild and poses an immediate threat to unpatched Oracle EBS systems,” the warning notes, highlighting that exposed or internet-connected servers face the greatest danger.
CERT officials said the flaw can be triggered through normal web traffic, meaning attackers can take control simply through HTTP or HTTPS requests. Any department whose Oracle EBS instance is connected to the internet or not properly segmented is considered highly vulnerable. The advisory stresses that the system’s wide use across sensitive government functions makes the threat exceptionally serious.
Authorities have instructed all organizations to apply Oracle’s latest security patches without delay, move EBS platforms behind secure gateways or firewalls, and shut down public access to administrative interfaces. CERT also emphasized the need to monitor logs closely, watch for suspicious data movement, enable multi-factor authentication, and reset privileged account passwords.
“Even a short delay in patching increases the risk of data breaches, ransom demands, and long-lasting operational damage,” the advisory warns.
The guidance further calls for updated offline backups, active incident response readiness, and preservation of forensic evidence if an intrusion is suspected. With multiple cyberattacks already attempted, departments are required to circulate the advisory to all affiliated units and ensure continuous monitoring until systems are secured.