Tag
#erp
3 posts tagged #erp.
-
Analysis · May 20, 2026 · Colten Anderson
Your ERP is on the internet, and it's the system that cuts the checks
Security programs treat ERP as 'internal.' Oracle E-Business Suite exposes web modules to the internet by design, and CVE-2022-21587 turned one into unauthenticated code execution on the system that runs payroll, purchase orders, and the general ledger.
-
Analysis · May 5, 2026 · Colten Anderson
Oracle blamed its customers for a zero-day it hadn't patched
Oracle's first public statement during active Cl0p exploitation told customers the breach was their fault for not applying a patch that didn't exist. The correction came Saturday night, behind a paywall.
-
Analysis · May 5, 2026 · Colten Anderson
Cl0p chained an Oracle EBS SSRF into a mass extortion campaign. Your patch window is 21 days.
CVE-2025-61884 is a pre-auth SSRF in Oracle E-Business Suite that Cl0p weaponized into a full RCE chain hitting 100+ organizations. Here's what patching EBS actually looks like under a KEV deadline.