SANS Stormcast Monday, October 6th, 2025: Oracle 0-Day

Update: 2025-10-06

Description

Oracle E-Business Suite 0-Day CVE-2025-61882

Last week, the Cl0p ransomware gang sent messages to many businesses stating that an Oracle E-Business Suite vulnerability was used to exfiltrate data. Initially, Oracle believed the root cause to be a vulnerability patched in June, but now Oracle released a patch for a new vulnerability.

https://www.oracle.com/security-alerts/alert-cve-2025-61882.html

Zimbra Exploit Analysis

An exploit against a Zimbra system prior to the patch release is analyzed. These exploits take advantage of .ics files to breach vulnerable systems.

https://strikeready.com/blog/0day-ics-attack-in-the-wild/

Unity Editor Vulnerability CVE-2025-59489

The Unity game editor suffered from a code execution vulnerablity that would also expose software developed with vulnerable versions

https://unity.com/security/sept-2025-01

Comments

In Channel

SANS Stormcast Wednesday, October 29th, 2025: Invisible Subject Character Phishing; Tomcat PUT Vuln; BIND9 Spoofing Vuln PoC

2025-10-2908:04

SANS Stormcast Tuesday, October 28th, 2025: Bytes over DNS; Unifi Access Vuln; OpenAI Atlas Prompt Injection

2025-10-2806:17

SANS Stormcast Monday, October 27th, 2025: Bilingual Phishing; Kaitai Struct WebIDE

2025-10-2706:20

SANS Stormcast Friday, October 24th, 2025: Android Infostealer; SessionReaper Exploited; BIND/unbound DNS Spoofing fix; WSUS Exploit

2025-10-2406:25

SANS Stormcast Thursday, October 23rd, 2025: Blue Angle Software Exploit; Oracle CPU; Rust tar library vulnerability.

2025-10-2307:28

SANS Stormcast Wednesday, October 22nd, 2025: NTP Pool; Xubuntu Compromise; Squid Vulnerability; Lanscope Vuln;

2025-10-2206:37

SANS Stormcast Tuesday, October 21st, 2025: Syscall() Obfuscation; AWS down; Beijing Time Attack

2025-10-2009:17

SANS Stormcast Monday, October 20th, 2025: Malicious Tiktok; More Google Ad Problems; Satellite Insecurity

2025-10-1906:14

SANS Stormcast Friday, October 17th, 2025: New Slack Workspace; Cisco SNMP Exploited; BIOS Backdoor; @sans_edu reseach: Active Defense

2025-10-1721:28

SANS Stormcast Thursday, October 16th, 2025: Clipboard Image Stealer; F5 Compromise; Adobe Updates; SAP Patchday

2025-10-1508:40

SANS Stormcast Wednesday, October 15th, 2025: Microsoft Patchday; Ivanti Advisory; Fortinet Patches

2025-10-1406:22

SANS Stormcast Tuesday, October 14th, 2025: ESAFENET Scans; Payroll Priates; MSFT Edge IE Mode

2025-10-1306:02

SANS Stormcast Monday, October 13th, 2025: More Oracle Patches; Sonicwall Compromisses; Unpatched Gladinet; 7-Zip Patches

2025-10-1205:56

SANS Stormcast Friday, October 10th, 2025: RedTail Defenses; SonicWall Breach; Crowdstrike “Issues”; Ivanti 0-days; Mapping Agentic Attack Surface (@sans_edu paper)

2025-10-1015:12

SANS Stormcast Thursday, October 9th, 2025: Polymorphic Python; ssh ProxyCommand Vuln;

2025-10-0906:12

SANS Stormcast Wednesday, October 8th, 2025: FreePBX Exploits; Disrupting Teams Threats; Kibana and QT SVG Patches

2025-10-0805:57

SANS Stormcast Tuesday, October 7th, 2025: More About Oracle; Redis Vulnerability; GoAnywhere Exploited

2025-10-0705:33

SANS Stormcast Monday, October 6th, 2025: Oracle 0-Day

2025-10-0606:28

SANS Stormcast Friday, October 3rd, 2025: More .well-known Scans; RedHat Openshift Patch; TOTOLINK Vuln;

2025-10-0306:35

SANS Stormcast Thursday, October 2nd, 2025: Honeypot Passwords; OneLogin Vuln; Breaking Intel SGX; OpenSSL Patch

2025-10-0208:11

00:00

SANS Stormcast Monday, October 6th, 2025: Oracle 0-Day

#box-pro-ellipsis-17617448132182{-webkit-line-clamp:2;}SANS Stormcast Monday, October 6th, 2025: Oracle 0-Day

SANS Stormcast Monday, October 6th, 2025: Oracle 0-Day

Dr. Johannes B. Ullrich

SANS Stormcast Monday, October 6th, 2025: Oracle 0-Day