{"id":271931,"date":"2026-06-13T05:21:00","date_gmt":"2026-06-13T09:21:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/13\/u-s-cisa-adds-oracle-peoplesoft-enterprise-peopletools-flaw-to-its-known-exploited-vulnerabilities-catalog\/"},"modified":"2026-06-13T05:40:17","modified_gmt":"2026-06-13T09:40:17","slug":"u-s-cisa-adds-oracle-peoplesoft-enterprise-peopletools-flaw-to-its-known-exploited-vulnerabilities-catalog","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/13\/u-s-cisa-adds-oracle-peoplesoft-enterprise-peopletools-flaw-to-its-known-exploited-vulnerabilities-catalog\/","title":{"rendered":"U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools\u00a0flaw to its Known Exploited Vulnerabilities catalog"},"content":{"rendered":"

U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools\u00a0flaw to its Known Exploited Vulnerabilities catalog<\/a><\/p>\n

https:\/\/securityaffairs.com\/193574\/security\/u-s-cisa-adds-oracle-peoplesoft-enterprise-peopletools-flaw-to-its-known-exploited-vulnerabilities-catalog.html<\/a><\/p>\n

Publish Date: 2026-06-13 05:21:00<\/a><\/p>\n

Source Domain: securityaffairs.com<\/a><\/p>\n

U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools\u00a0flaw to its Known Exploited Vulnerabilities catalog<\/h2>\n<\/p>\n

\t\t\t\t\t\t\t Pierluigi Paganini<\/span>
\n\t\t\t\t\t\t\t\"\"\/ June 13, 2026<\/span><\/p>\n

\t\t\t\t\t\t\"\"\/<\/p>\n

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog.<\/h2>\n

The U.S. Cybersecurity and Infrastructure Security Agency (CISA)\u00a0added Oracle PeopleSoft Enterprise PeopleTools flaw, tracked as CVE-2026-35273 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog.<\/p>\n

Oracle PeopleSoft Enterprise PeopleTools is the underlying technology platform used to build, run, administer, and customize Oracle PeopleSoft applications.<\/p>\n

The flaw\u00a0CVE-2026-35273\u00a0is a remote code execution vulnerability in Oracle PeopleSoft\u2019s Environment Management component. No authentication required. No user interaction required. Just network access to the Environment Management Hub endpoint and you can take over the server.<\/p>\n

This week, Mandiant and Google\u2019s Threat Intelligence Group published an analysis of an active\u00a0ShinyHunters\u00a0campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran from May 27 to June 9, meaning every organization hit during those two weeks was dealing with a zero-day, a flaw with no available patch and no official vendor warning. Sixty-eight percent of the more than 100 organizations Mandiant notified were universities and colleges, most of them in the United States.<\/p>\n

\u201cMandiant and Google Threat Intelligence Group (GTIG) have identified an active compromise and extortion campaign attributed to UNC6240 (ShinyHunters) targeting Oracle PeopleSoft application infrastructure. The activity was observed between May 27, 2026, and June 9, 2026 and is consistent with the exploitation of\u00a0CVE-2026-35273, a critical remote code execution vulnerability (CVSS 9.8)…<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools\u00a0flaw to its Known Exploited Vulnerabilities catalog https:\/\/securityaffairs.com\/193574\/security\/u-s-cisa-adds-oracle-peoplesoft-enterprise-peopletools-flaw-to-its-known-exploited-vulnerabilities-catalog.html Publish…<\/p>\n","protected":false},"author":1,"featured_media":271932,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2020\/07\/CISA.jpeg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,27],"class_list":["post-271931","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/271931"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=271931"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/271931\/revisions"}],"predecessor-version":[{"id":271933,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/271931\/revisions\/271933"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/271932"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=271931"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=271931"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=271931"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}