Oracle patches software security flaw which could have let hackers steal business files
The flaw was being exploited in the wild, Oracle confirms
- Oracle reports patching a security flaw in Agile PLM
- The bug was being exploited in the wild to steal files
- More than 1,000 companies could be vulnerable
Oracle has fixed a vulnerability in its Oracle Agile Product Lifecycle Management (PLM) product which could have allowed threat actors to download files from the platform.
Since the bug was exploited in the wild as a zero-day, the company urged users to apply the patch immediately and thus secure their endpoints.
Oracle Agile Product Lifecycle Management (PLM) is the company's software tool to help businesses manage the entire lifecycle of a product, from ideation and design to production and retirement.
Confirmed exploitation
More than 1,100 companies reportedly use Oracle Agile Product Lifecycle Management (PLM), predominantly large enterprises with more than 10,000 employees and revenues exceeding $1 billion. The total number of individual users across these organizations is not publicly disclosed and can vary significantly based on each company's size and specific deployment of the software.
The patch fixes a bug tracked as CVE-2024-21287, with a designated severity score of 7.5 (high). It is remotely exploitable without authentication, Oracle explained in an advisory, adding that "it may be exploited over a network without the need for a username and password. If successfully exploited, this vulnerability may result in file disclosure."
"Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible."
In the advisory, the company did not state the bug was being exploited in the wild, but a later blog post by the company’s VP of Security Assurance, Eric Maurice, confirmed it, BleepingComputer found.
"This vulnerability affects Oracle Agile Product Lifecycle Management (PLM). It was reported as being actively exploited 'in the wild' by CrowdStrike," Maurice said.
At press time, other details were not available, so we don’t know who the threat actors are, or who they are targeting in their campaign. In any case, it’s better to be safe than sorry, so make sure to apply the patch ASAP.
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.