logo

A Vulnerability in Oracle PeopleSoft PeopleTools Could Allow for Remote Code Execution

ID: c2dc55fa-829b-5f08-8232-597f8a300419

STIX ID: report--c2dc55fa-829b-5f08-8232-597f8a300419

Feed Name: CISecurity.org Advisories

Threat Score
75/100

Date Published: 2026-06-11

Date Updated: 2026-06-13

...
...

A critical vulnerability (CVE-2026-35273) in the Updates Environment Management component of PeopleSoft Enterprise PeopleTools allows unauthenticated remote code execution over HTTP, potentially enabling full system compromise of internet-facing instances. The report identifies the attack as Initial Access via exploitation of a public-facing application and warns that no authentication or user interaction is required.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.