---
title: >-
  Protection from CVE-2025-61882 (Oracle E-Business Suite Pre-Auth Remote Code
  Execution)
summary: null
url: >-
  https://www.fastly.com/documentation/reference/changes/2025/10/protection-from-cve-2025-61882-oracle-e-business-suite-pre-auth-remote-code-execution
---


A pre-authentication remote code execution vulnerability has been found in Oracle E-Business Suite and has been assigned CVE-2025-61882. Fastly has created a virtual patch for it that is now available within your account. To activate it and add protection to your services, follow the steps for your control panel below.

## Next-Gen WAF control panel

<!-- TabbedPanels component: 
<Panel id="tab-one" label="Professional or Premier platform">

1. <Partial name='step-ngwaf-login' inline />
1. <Partial name='step-ngwaf-select-site' inline />
1. From the **Rules** menu, select **Templated Rules**.
1. In the search bar, enter `CVE-2025-61882` and then click **View** for the CVE-2025-61882 templated rule.
1. Click **Configure** and then **Add trigger**.
1. Select the **Block requests from an IP immediately if the CVE-2025-61882 signal is observed** checkbox.
1. Click **Update rule**.

</Panel>
<Panel id="tab-two" label="Essential platform">

1. <Partial name='step-ngwaf-login' inline />
1. <Partial name='step-ngwaf-select-site' inline />
1. Click the **Signals** tab.
1. In the search bar, enter `CVE-2025-61882` and then click **View** for the CVE-2025-61882 tag.
1. Click the **Detections** tab and then **Add detection**.
1. Verify the switch is set to **Enabled**.
1. Click **Create detection**.
1. Click the **Alerts** tab and then **Add alert**.
1. In the **Status** area, set the switch to **Enabled**.
1. Click **Save alert**.

</Panel>
 -->

## Fastly control panel

1. <Partial name='step-login' inline />
1. <Partial name='step-ngwaf-click-workspaces' inline />
1. Click **Virtual Patches**.
1. In the search bar, enter `CVE-2025-61882` and then click the pencil to the right of the CVE-2025-61882 virtual patch.
1. From the **Status** menu, select **Enabled**.
1. *(Optional)* If your workspace is in blocking mode, choose whether to **Block requests** or **Log requests** if the CVE-2025-61882 signal is observed.
1. Click **Update virtual patch**.