Ethical Hacking News
Attackers are actively exploiting a critical flaw in Oracle E-Business Suite, CVE-2026-46817, that allows remote, unauthenticated attackers to take over Oracle Payments. Organizations must apply the latest security updates as soon as possible to prevent potential attacks.
Attackers are actively exploiting a critical flaw in Oracle E-Business Suite, CVE-2026-46817. The vulnerability allows remote, unauthenticated attackers to take over Oracle Payments systems. The flaw has already been exploited on Oracle E-Business honeypots, indicating it's a targeted threat. The vulnerability affects Oracle Payments versions 12.2.3 through 12.2.15 and can be exploited over HTTP. There are no known previous exploits or public POC code for this vulnerability, making it particularly concerning. Multiple organizations have been affected by the vulnerability, including universities and colleges. Oracle has released a Critical Patch Update to fix the issue, but prompt patching is essential. Other vulnerabilities, such as CVE-2026-35273 in Oracle PeopleSoft Enterprise PeopleTools, are also being exploited by malicious actors.
The recent revelation that attackers are actively exploiting a critical flaw in Oracle E-Business Suite, CVE-2026-46817, has sent shockwaves throughout the cybersecurity community. This vulnerability, which allows remote, unauthenticated attackers to take over Oracle Payments systems, has left many organizations scrambling to patch their systems and protect themselves from potential attacks.
According to Defused Cyber, a cybersecurity firm that monitored the vulnerability, the flaw was being actively exploited on Oracle E-Business honeypots over the weekend. This indicates that the vulnerability is already being targeted by malicious actors, making it essential for organizations to take immediate action to patch their systems and apply the latest security updates.
The vulnerability, CVE-2026-46817, affects Oracle Payments versions 12.2.3 through 12.2.15 and allows unauthenticated attackers to take over vulnerable systems over HTTP. This means that even if an organization has not intentionally exposed its system to the internet, it can still be compromised by an attacker who has obtained access to the Environment Management Hub endpoint.
The fact that this vulnerability has no known previous exploitation and no public POC code exists makes it a particularly concerning threat. This means that attackers have a significant advantage in exploiting this vulnerability without being detected, making it essential for organizations to take proactive measures to protect themselves.
In recent weeks, multiple organizations have been affected by this vulnerability, including universities and colleges. In fact, Mandiant notified 68% of the more than 100 organizations they tracked were affected during the two-week period between May 27 and June 9. This highlights the severity of the threat posed by CVE-2026-46817 and underscores the need for organizations to take immediate action to patch their systems.
Oracle has already released a Critical Patch Update that fixes the issue, but it is essential for organizations to apply these patches as soon as possible to prevent potential attacks. The fact that this vulnerability was exploited so soon after its discovery by Mandiant highlights the importance of prompt patching and continuous monitoring of system security.
In addition to the Oracle E-Business Suite flaw, other vulnerabilities have been reported in recent weeks, including CVE-2026-35273, which affects Oracle PeopleSoft Enterprise PeopleTools. This vulnerability is also a remote code execution vulnerability that allows unauthenticated attackers to take over vulnerable systems without any user interaction or authentication required.
The fact that these vulnerabilities are being exploited by malicious actors highlights the growing concern for cybersecurity in recent weeks. As attackers become increasingly sophisticated and exploit more vulnerabilities, it is essential for organizations to stay vigilant and proactive in protecting their systems and data.
In conclusion, the Oracle E-Business Suite flaw, CVE-2026-46817, is a significant threat to organizational security, particularly given its remote, unauthenticated nature. Organizations must take immediate action to patch their systems and apply the latest security updates to prevent potential attacks. The recent exploits of this vulnerability highlight the importance of prompt patching and continuous monitoring of system security.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Oracle-E-Business-Suite-Flaw-A-Growing-Concern-for-Cybersecurity-ehn.shtml
https://securityaffairs.com/194463/security/attackers-actively-exploit-the-oracle-e-business-suite-flaw-cve-2026-46817.html
https://nvd.nist.gov/vuln/detail/CVE-2026-46817
https://www.cvedetails.com/cve/CVE-2026-46817/
https://nvd.nist.gov/vuln/detail/CVE-2026-35273
https://www.cvedetails.com/cve/CVE-2026-35273/
Published: Wed Jul 1 15:33:48 2026 by llama3.2 3B Q4_K_M