CVE-2025-61761 is a vulnerability identified in Oracle PeopleSoft Enterprise FIN Maintenance Management version 9.2, specifically within the Work Order Management component. The flaw arises from insufficient access control mechanisms (CWE-284), allowing a low privileged attacker with network access over HTTP to perform unauthorized operations on the system's data. The attacker can read, insert, update, or delete certain accessible data, compromising confidentiality and integrity. The CVSS 3.1 base score is 5.4, reflecting a medium severity level, with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), requiring low privileges (PR:L), no user interaction (UI:N), unchanged scope (S:U), and limited confidentiality and integrity impacts (C:L/I:L), with no availability impact (A:N). Exploitation does not require user interaction but does require some level of privilege, suggesting that the attacker must have a valid user account or credentials with limited rights. No known exploits are currently in the wild, and no official patches have been released yet. The vulnerability could allow attackers to manipulate financial maintenance data, potentially leading to data corruption, fraud, or unauthorized disclosure of sensitive financial information. The lack of availability impact means the system remains operational, but data integrity and confidentiality are at risk. This vulnerability highlights the importance of robust access control and input validation in enterprise financial management software.

For European organizations, this vulnerability poses a significant risk to the confidentiality and integrity of financial maintenance data managed through PeopleSoft FIN Maintenance Management 9.2. Unauthorized data manipulation could lead to financial discrepancies, regulatory non-compliance, and reputational damage. Organizations in sectors such as finance, manufacturing, utilities, and public administration that rely on PeopleSoft for maintenance management are particularly vulnerable. The ability of an attacker to insert, update, or delete data could facilitate fraudulent activities or disrupt operational workflows. Confidential data exposure could also violate GDPR requirements, leading to legal and financial penalties. Since the vulnerability requires only low privileges and network access, insider threats or compromised credentials could be leveraged to exploit this flaw. The absence of availability impact means operational continuity is less likely to be affected, but the integrity and confidentiality breaches could have cascading effects on business processes and trustworthiness of financial records.

1. Implement strict network segmentation and firewall rules to restrict HTTP access to PeopleSoft FIN Maintenance Management interfaces only to trusted internal networks and authorized personnel. 2. Enforce strong authentication mechanisms and monitor for unusual login patterns to detect potential misuse of low privilege accounts. 3. Apply the principle of least privilege rigorously, ensuring users have only the minimum necessary access rights within PeopleSoft. 4. Monitor and audit all data modification activities within the FIN Maintenance Management module to detect unauthorized insert, update, or delete operations. 5. Deploy intrusion detection and prevention systems (IDPS) tuned to detect anomalous HTTP requests targeting PeopleSoft endpoints. 6. Stay informed about Oracle’s security advisories and apply patches immediately once they become available. 7. Conduct regular security assessments and penetration testing focused on access control weaknesses in PeopleSoft environments. 8. Consider implementing web application firewalls (WAF) with custom rules to block suspicious HTTP traffic targeting known vulnerable endpoints. 9. Educate users about credential security to reduce risk of account compromise. 10. Develop and test incident response plans specific to PeopleSoft data integrity incidents.