Oracle patches software security flaw which could have let hackers steal business files

Credit: The original article is published here.


  • Oracle reports patching a security flaw in Agile PLM
  • The bug was being exploited in the wild to steal files
  • More than 1,000 companies could be vulnerable

Oracle has fixed a vulnerability in its Oracle Agile Product Lifecycle Management (PLM) product which could have allowed threat actors to download files from the platform.

Since the bug was exploited in the wild as a zero-day, the company urged users to apply the patch immediately and thus secure their endpoints.

Oracle Agile Product Lifecycle Management (PLM) is the company’s software tool to help businesses manage the entire lifecycle of a product, from ideation and design to production and retirement.

Confirmed exploitation

More than 1,100 companies reportedly use Oracle Agile Product Lifecycle Management (PLM), predominantly large enterprises with more than 10,000 employees and revenues exceeding $1 billion. The total number of individual users across these organizations is not publicly disclosed and can vary significantly based on each company’s size and specific deployment of the software.

The patch fixes a bug tracked as CVE-2024-21287, with a designated severity score of 7.5 (high). It is remotely exploitable without authentication, Oracle explained in an advisory, adding, “it may be exploited over a network without the need for a username and password. If successfully exploited, this vulnerability may result in file disclosure.”

“Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.”

In the advisory, the company did not state the bug was being exploited in the wild, but a later blog post by the company’s VP of Security Assurance, Eric Maurice, confirmed it, BleepingComputer found.

“This vulnerability affects Oracle Agile Product Lifecycle Management (PLM). It was reported as being actively exploited “in the wild” by CrowdStrike,” Maurice said.

At press time, other details were not available, so we don’t know who the threat actors are, or who they are targeting in their campaign. In any case, it’s better to be safe than sorry, so make sure to apply the patch ASAP.

You might also like