Oracle Releases January 2023 Critical Patch Update Advisory
Scheduled advisory includes 327 security updates across multiple Oracle product families
Summary
Scheduled advisory includes 327 security updates across multiple Oracle product families
Affected platforms
The following platforms are known to be affected:
The following platforms are also known to be affected:
Please review the Oracle Critical Patch Update Advisory - January 2023 for more information about these and many more affected platforms.
Threat details
Introduction
Oracle has released the Critical Patch Update Advisory for January 2023 to address 327 vulnerabilities across multiple products. A remote, unauthenticated attacker could exploit some of these vulnerabilities to take control of an affected system.
Exploitation of CVE-2023-21839 in the wild
The US Cybersecurity and Infrastructure Security Agency (CISA) has reported exploitation in the wild of CVE-2023-21839 and has added the vulnerabilities to the Known Exploited Vulnerability Catalog.
Threat updates
| Date | Update |
|---|---|
| 27 Feb 2023 |
Proof-of-concept released for CVE-2023-21839
This article has been updated to reflect this change. |
Remediation advice
Affected organisations are encouraged to review the Oracle Critical Patch Update Advisory - January 2023 and apply the necessary updates or workarounds.
Definitive source of threat updates
Last edited: 2 May 2023 3:56 pm