AI description
CVE-2025-53072 is a vulnerability in the Oracle Marketing product within the Oracle E-Business Suite, specifically affecting the Marketing Administration component. The vulnerability impacts supported versions 12.2.3 through 12.2.14. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the Oracle Marketing system. Successful exploitation can lead to a complete takeover of Oracle Marketing, potentially resulting in theft of sensitive customer data, unauthorized alteration of marketing campaigns, or complete disruption of operations. Applying the latest security patches is strongly recommended to mitigate this vulnerability.
- Description
- Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks of this vulnerability can result in takeover of Oracle Marketing. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
- Source
- secalert_us@oracle.com
- NVD status
- Analyzed
- Products
- marketing
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-306
- Hype score
- Not currently trending
CyberAlert 🚨 CVE-2025-53072 & CVE-2025-62481 (Oracle EBS/Marketing) — unauth RCE · CVSS 3.1: ≈9.8. Apply vendor patches and isolate exposed interfaces. #Oracle #InfoSec #CyberSecurity https://t.co/a623Ekim0j
@ashrafzaryouh
24 Oct 2025
109 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨New Critical Vulnerabilities in Oracle E-Business CVE-2025-53072 & CVE-2025-62481 expose the Oracle Marketing app to unauthenticated attackers, risking full system takeover. ZoomEye Dork👉app="Oracle E-Business Suite" Over 18.9k instances. ZoomEye Link: https://t.
@zoomeye_team
23 Oct 2025
1542 Impressions
7 Retweets
20 Likes
5 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨:CVE-2025-53072&CVE-2025-62481: Two Critical Vulnerabilities in the Marketing Administration Component of Oracle E-Business Suite. Successful attacks of them can result in takeover of Oracle Marketing. 📊11.9K+ Services are found on the https://t.co/ysWb28BTvF
@HunterMapping
23 Oct 2025
3122 Impressions
13 Retweets
45 Likes
18 Bookmarks
0 Replies
0 Quotes
#Michelin CERT was credited for CVE-2025-53072 and CVE-2025-62481, two pre-auth RCEs affecting #Oracle E-Business. Both are easy to exploit. Immediate remediation is advised. #security @BleepinComputer @watchtowrcyber
@Fisjkars
22 Oct 2025
139 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🟥 The new Oracle Critical Patch Update Advisory has been released. Multiple NEW high/critical CVEs mentioned, like: - CVE-2025-61757, CVSS: 9.8 (Oracle Fusion Middleware version) - CVE-2025-62481, CVSS: 9.8 (Oracle Marketing product) - CVE-2025-53072, CVSS: 9.8 (Oracle http
@UjlakiMarci
22 Oct 2025
119 Impressions
0 Retweets
0 Likes
1 Bookmark
2 Replies
0 Quotes
New Critical Vulnerabilities in Oracle E-Business🚨 Two new critical vulnerabilities disclosed by Oracle - CVE-2025-53072 & CVE-2025-62481 No POC available yet - this is the perfect time to deploy some Oracle E-Business honeypots! 🍯 https://t.co/CsRE9R9Qt9
@DefusedCyber
22 Oct 2025
1909 Impressions
10 Retweets
21 Likes
6 Bookmarks
1 Reply
1 Quote
Oracle has patched two new critical CVEs (CVE-2025-53072 & CVE-2025-62481) in the Marketing Administration component of Oracle E-Business Suite. Given the recent Cl0p activity, exploitation is likely. Patch ASAP. Need help assessing exposure? https://t.co/gzSQETsyQT https:/
@watchtowrcyber
22 Oct 2025
4193 Impressions
17 Retweets
56 Likes
15 Bookmarks
0 Replies
1 Quote
CVE-2025-53072 Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.3-12.2.… https://t.co/20BWL7NT26
@CVEnew
21 Oct 2025
184 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-53072: CRITICAL] Critical vulnerability in Oracle Marketing within E-Business Suite versions 12.2.3-12.2.14 allows attackers to compromise the system via HTTP. CVSS score 9.8; high impact.#cve,CVE-2025-53072,#cybersecurity https://t.co/DzDbDUMlWl https://t.co/q63TNDdGKK
@CveFindCom
21 Oct 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:marketing:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4EDDFC92-2982-411E-8A5F-AB0BD6E293E1",
"versionEndIncluding": "12.2.14",
"versionStartIncluding": "12.2.3"
}
],
"operator": "OR"
}
]
}
]