Skip to content

Over 900 Oracle EBS Instances Exposed and Actively Under Attack

On point: Over 900 exposed Oracle EBS instances are currently being attacked through a critical security vulnerability.

Security researchers have identified more than 900 Oracle E-Business Suite systems that are accessible without protection on the Internet and are being actively exploited through a critical vulnerability.

Security researchers have identified more than 900 Oracle E-Business Suite instances (EBS) that are directly accessible over the Internet without appropriate access controls. The affected systems are currently targeted by attacks exploiting a critical vulnerability in the EBS software.

Oracle EBS is a widely deployed enterprise resource planning solution (ERP) used in large organizations for managing business processes and financial data. An exposed EBS instance enables attackers potential access to sensitive business data, financial transactions, and critical system configurations — without requiring authentication.

For CISOs, this finding represents significant risks within their own perimeter. Recommendation: review all Oracle EBS systems in the organization for external accessibility, enable IP whitelisting or enforce VPN access, and immediately plan patching for the affected vulnerability. In parallel, network logs should be analyzed for suspicious access patterns.


Source: www.bleepingcomputer.com · Published July 1, 2026
Lumi AI News — AI-assisted curation per Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.2.

Share on: