轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202606-00000007

[內容說明]
近日Oracle針對 PeopleSoft PeopleTools發布重大資安公告(CVE-2026-35273，CVSS：9.8)，該漏洞允許未經身分驗證的遠端攻擊者可遠端程式碼執行。

[影響平台]
PeopleSoft Enterprise PeopleTools 8.61、8.62版本

[建議措施]
根據官方網站釋出的解決方式進行修補： https://www.oracle.com/security-alerts/alert-cve-2026-35273.html

[參考資料]
1. https://www.twcert.org.tw/tw/cp-169-10961-3fb42-1.html

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202606-00000007

[Content Description]
Oracle recently released a major cybersecurity bulletin (CVE-2026-35273, CVSS: 9.8) for PeopleSoft PeopleTools. This vulnerability allows unauthenticated remote attackers to execute remote code.

[Affected Platforms]
PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62

[Recommended Actions]
Patchut the vulnerability according to the solution released on the official website: https://www.oracle.com/security-alerts/alert-cve-2026-35273.html

[References]
1. https://www.twcert.org.tw/tw/cp-169-10961-3fb42-1.html