Reference:
Advisory #2025-17
Version:
1.0
Affected software:
Oracle Analytics
Oracle Communications
Oracle Communications Applications
Oracle Financial Services Application
Oracle Fusion Middleware
Oracle JD Edwards
Oracle MySQL
Oracle PeopleSoft
Oracle Supply Chain
Type:
Remote Code Execution
CVE/CVSS:
CVE-2025-21524: CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVE-2025-21535: CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVE-2025-21547: CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)
https://www.oracle.com/security-alerts/cpujan2025.html
https://blogs.oracle.com/security/post/january-2025-cpu-released
Oracle released patches for multiple products addressing multiple critical vulnerabilities. Please check which vulnerabilities affect your organization. Exploiting these vulnerabilities may allow an attacker to access a system or steal information.
These updates include fixes for third-party software that certain Oracle products rely on. While this advisory does not address those vulnerabilities, the CCB recommends reviewing the Oracle advisory to identify which vulnerabilities are relevant to your organization.
Note: This advisory only highlights the most important vulnerabilities; please refer to the Oracle security alert for a detailed overview.
CVE-2025-21524 Oracle JD Edwards EnterpriseOne Tools
A vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards allows an unauthenticated attacker with network access via HTTP to compromise the device. A threat actor can easily exploit CVE-2025-21524.
CVE-2025-21535 Oracle WebLogic Server
A vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware may be exploited by an unauthenticated attacker with network access via T3, IIOP to take control of the Oracle WebLogic Server. A threat actor can easily exploit CVE-2025-21535.
A similar vulnerability tracked as CVE-2020-2883 (CVSS score: 9.8) was recently added to the CISA list of Known Exploited Vulnerabilities!
CVE-2025-21547 Oracle Hospitality OPERA 5
A vulnerability in Oracle Hospitality OPERA 5 allows an unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5. A threat actor can easily exploit CVE-2025-21547.
Exploitation can lead to unauthorized access to critical data or create a Denial of Service (DoS).
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority after thorough testing.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via https://ccb.belgium.be/cert/report-incident.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.
https://thehackernews.com/2025/01/oracle-releases-january-2025-patch-to.html