Oracle Identity Manager

Vulnerabilities and exploits targeting Oracle Identity Manager.

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

Nov 23, 2025

—

by

Reza Rafati

in Cyber News & Updates

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning regarding a critical, actively exploited zero-day vulnerability in Oracle Identity Manager (CVE-2025-52054). This flaw, with a CVSS score of 9.8, allows remote attackers to bypass authentication and gain unauthorized access, posing a significant risk of complete system compromise to affected versions.