CVE-2025-30751 (Oracle Corporation Oracle Database Server): Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Oracle Database. Successful attacks of this vulnerability can result in takeover of Oracle Database.
Vulnerability in the Oracle Database component of Oracle Database Server. Supported versions that are affected are 19.27 and 23.4-23.8. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Oracle Database. Successful attacks of this vulnerability can result in takeover of Oracle Database. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
AI Analysis
Technical Summary
CVE-2025-30751 is a high-severity vulnerability (CVSS 3.1 base score 8.8, which is "High", not "Critical", on the CVSS scale) in the Oracle Database component of Oracle Database Server, affecting 19.27 and 23.4 through 23.8. It is reachable over Oracle Net, the listener protocol through which every client session is established (TCP 1521 by default), so any host that can open a database connection is in scope. The precondition is an authenticated account holding the CREATE SESSION and CREATE PROCEDURE system privileges. That combination is the baseline for most application schemas (the RESOURCE role includes CREATE PROCEDURE), so the vulnerability is not restricted to administrative accounts. The record is classified as CWE-863 (Incorrect Authorization): an authorization check exists but reaches the wrong decision, letting the caller act beyond the privileges it was granted. The CVSS vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) records a network attack vector, low attack complexity, low privileges, no user interaction, unchanged scope and high impact on confidentiality, integrity and availability. Oracle describes the outcome as takeover of Oracle Database: full control of the instance, allowing an attacker to read, modify or delete data, disrupt availability, and run arbitrary PL/SQL with the privileges of the database. No public exploit was reported at the time this entry was enriched, but the low preconditions and the severity of the outcome make it a priority for patching.
Potential Impact
For European organizations, this vulnerability poses a substantial risk given the widespread use of Oracle Database in enterprise environments, including finance, healthcare, government and critical infrastructure. A successful attack could lead to unauthorized data disclosure, data manipulation and service outages, affecting business operations and regulatory compliance, in particular GDPR obligations for personal data. Because the starting point is an ordinary application account rather than a DBA, a compromised application server, a leaked connection string or an SQL injection flaw in any application that connects to the database is enough to reach the precondition, and takeover of the database in turn enables lateral movement within corporate networks. This could result in significant financial losses, reputational damage and legal consequences, and disruption of critical services relying on Oracle databases could affect public services and essential industries across Europe.
Mitigation Recommendations
To mitigate this vulnerability, organizations should first inventory their Oracle Database deployments and identify the affected versions (19.27 and 23.4-23.8). Oracle ships fixes for Oracle Database CVEs through its quarterly Critical Patch Update (Release Updates for 19c and 23ai); no patch link is recorded on this entry, so apply the CPU or Release Update whose advisory lists CVE-2025-30751 and verify the applied patch level on each instance. Until patched, enforce least privilege around the two preconditions: CREATE SESSION cannot be removed from accounts that need to log in, so the practical lever is CREATE PROCEDURE. Enumerate every account that holds it directly, through roles (RESOURCE and DBA both carry it) or through a grant to PUBLIC, and revoke it from accounts that only need to execute existing code. In multitenant deployments the DBA_* views are scoped to the current container, so run the review in each PDB or use the CDB_* views from the root. Restrict Oracle Net access to known application hosts with firewalls on the listener port and, on the database side, with the sqlnet.ora parameters TCP.VALIDNODE_CHECKING and TCP.INVITED_NODES. Oracle Database Vault can add a realm around sensitive schemas so that even a compromised privileged session cannot reach them. Enable unified auditing of CREATE PROCEDURE, CREATE FUNCTION, CREATE PACKAGE and related DDL and alert on such statements from accounts that do not normally deploy code, since every path to exploitation begins with an attacker creating PL/SQL. Finally, make sure incident response plans cover database takeover, including credential rotation for every account defined in the instance.
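The privilege review and audit policy described above, as an added example for Oracle Database (this is not code from the page or from Oracle; the account name app_reader and the policy name proc_create_pol are hypothetical). It resolves the two preconditions through nested roles and PUBLIC rather than checking direct grants only, records the patch level so the result can be tied to a specific Release Update, and sets up the unified audit trail that makes new PL/SQL from unexpected accounts visible:

```sql
-- Added example for reviewing CVE-2025-30751 exposure; run as a DBA
-- in each PDB (DBA_* views are container-scoped).

-- 1. Record the exact version and the most recent Release Updates, so the
--    review result can be matched against the CPU that lists the CVE.
SELECT banner_full FROM v$version;
SELECT patch_id, description, status, action_time
  FROM dba_registry_sqlpatch
 ORDER BY action_time DESC
 FETCH FIRST 5 ROWS ONLY;

-- 2. A grant of either privilege to PUBLIC means every account has it.
SELECT privilege
  FROM dba_sys_privs
 WHERE grantee = 'PUBLIC'
   AND privilege IN ('CREATE SESSION', 'CREATE PROCEDURE');

-- 3. Every non-Oracle-maintained account holding BOTH privileges, whether
--    granted directly or inherited through any depth of role nesting
--    (RESOURCE and DBA both carry CREATE PROCEDURE). Oracle rejects circular
--    role grants, so the recursive walk terminates without a CYCLE clause.
WITH role_tree (grantee, granted_role) AS (
  SELECT grantee, granted_role
    FROM dba_role_privs
  UNION ALL
  SELECT rt.grantee, rp.granted_role
    FROM role_tree rt
    JOIN dba_role_privs rp ON rp.grantee = rt.granted_role
),
effective_privs AS (
  SELECT grantee, privilege
    FROM dba_sys_privs                                   -- direct grants
  UNION
  SELECT rt.grantee, sp.privilege                        -- via roles
    FROM role_tree rt
    JOIN dba_sys_privs sp ON sp.grantee = rt.granted_role
)
SELECT u.username, u.account_status
  FROM dba_users u
  JOIN effective_privs p1
    ON p1.grantee = u.username AND p1.privilege = 'CREATE SESSION'
  JOIN effective_privs p2
    ON p2.grantee = u.username AND p2.privilege = 'CREATE PROCEDURE'
 WHERE u.oracle_maintained = 'N'
 ORDER BY u.username;

-- 4. Remove CREATE PROCEDURE from an account that only calls existing code
--    (hypothetical account name). Accounts that hold it through RESOURCE
--    need the role replaced by an explicit, narrower grant set instead.
REVOKE CREATE PROCEDURE FROM app_reader;

-- 5. Unified audit policy for PL/SQL object creation (hypothetical policy
--    name). Every exploitation path starts with the attacker creating code,
--    so DDL of this kind from a non-deployment account is the detection signal.
CREATE AUDIT POLICY proc_create_pol
  ACTIONS CREATE PROCEDURE, CREATE FUNCTION, CREATE PACKAGE,
          CREATE PACKAGE BODY, CREATE TRIGGER, CREATE TYPE, CREATE TYPE BODY;
AUDIT POLICY proc_create_pol;

-- 6. Review what the policy has captured.
SELECT event_timestamp, dbusername, action_name, object_schema, object_name,
       sql_text
  FROM unified_audit_trail
 WHERE unified_audit_policies LIKE '%PROC_CREATE_POL%'
 ORDER BY event_timestamp DESC;
```

Step 3 is the one that matters for prioritisation: if it returns only the accounts that deploy application code, the exposure is bounded to those credentials; if it returns every application user, treat the instance as exposed to any SQL injection or leaked connection string in the applications that use it, and patch first.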
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: oracle
- Date Reserved: 2025-03-26T05:52:18.813Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 6876b009a83201eaacd043f0
Added to database: 7/15/2025, 7:46:17 PM
Last enriched: 7/30/2025, 12:40:38 AM
Last updated: 8/18/2025, 7:49:48 AM
Related Threats
- CVE-2025-41242: Vulnerability in VMware Spring Framework (Medium)
- CVE-2025-47206: CWE-787 in QNAP Systems Inc. File Station 5 (High)
- CVE-2025-5296: CWE-59 Improper Link Resolution Before File Access ('Link Following') in Schneider Electric SESU (High)
- CVE-2025-6625: CWE-20 Improper Input Validation in Schneider Electric Modicon M340 (High)
- CVE-2025-57703: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Delta Electronics DIAEnergie (Medium)