A critical vulnerability, identified as CVE-2022-21587, has been discovered in Oracle’s E-Business Suite, specifically within the Web Applications Desktop Integrator’s Upload component. This flaw allows unauthenticated attackers to upload arbitrary files via HTTP, potentially leading to complete system compromise. The vulnerability affects versions 12.2.3 through 12.2.11 of the suite. ([sentinelone.com](https://www.sentinelone.com/vulnerability-database/cve-2022-21587/?utm_source=openai))
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-21587 to its Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild. Security firm Rapid7 has observed attackers leveraging this vulnerability to upload malicious scripts, which then download additional payloads, effectively integrating compromised systems into botnets. ([rapid7.com](https://www.rapid7.com/blog/post/2023/02/07/etr-cve-2022-21587-rapid7-observed-exploitation-of-oracle-e-business-suite-vulnerability/?utm_source=openai))
Oracle addressed this issue in its October 2022 Critical Patch Update. Organizations utilizing affected versions are strongly advised to apply the provided patches immediately to mitigate potential risks. ([nvd.nist.gov](https://nvd.nist.gov/vuln/detail/cve-2022-21587?utm_source=openai))
The exploitation of CVE-2022-21587 underscores the critical importance of timely patch management and vigilant monitoring of enterprise systems. Organizations should prioritize updating their Oracle E-Business Suite installations and review their security protocols to prevent unauthorized access and potential system compromises.
