{"id":59552,"date":"2025-07-22T02:30:06","date_gmt":"2025-07-22T02:30:06","guid":{"rendered":""},"modified":"2025-08-08T23:41:36","modified_gmt":"2025-08-09T05:41:36","slug":"cve-2025-30744-critical-vulnerability-in-oracle-mobile-field-service-enabling-unauthorized-data-access","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-30744-critical-vulnerability-in-oracle-mobile-field-service-enabling-unauthorized-data-access\/","title":{"rendered":"CVE-2025-30744: Critical Vulnerability in Oracle Mobile Field Service Enabling Unauthorized Data Access<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

In the evolving landscape of cybersecurity, a new vulnerability has been discovered within Oracle E-Business Suite’s Oracle Mobile Field Service product. This vulnerability, identified as CVE-2025-30744, poses a significant threat to the integrity and confidentiality of critical data. The affected versions are 12.2.3 to 12.2.13. This flaw matters significantly because it allows low privileged attackers with network access via HTTP to compromise the Oracle Mobile Field Service, potentially leading to unauthorized<\/a> creation, deletion, or modification access to critical data.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-30744
\nSeverity: Critical (8.1 CVSS score)
\nAttack Vector: Network (HTTP)
\nPrivileges Required: Low
\nUser Interaction: None
\nImpact: Unauthorized access to and modification of critical data<\/a><\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n Share secrets securely\r\n <\/h2>\r\n\r\n

\r\n Ameeba is private infrastructure for communication and sensitive work built on encrypted identity instead of exposed corporate identity systems.\r\n <\/p>\r\n\r\n

\r\n Passwords, credentials, confidential files, screenshots, internal discussions, sensitive AI context, and private coordination should not become exposed across ordinary communication platforms.\r\n <\/p>\r\n\r\n