The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added an Oracle security flaw to its Known Exploited Vulnerabilities (KEV) Catalog after confirming that it is being actively exploited in real-world attacks. The vulnerability affects Oracle Agile Product Lifecycle Management (PLM), a platform used by organizations to manage product development and supply chain operations. The warning highlights the growing risk posed by unpatched enterprise software. Security teams are being urged to review their systems immediately.

The flaw is identified as CVE-2024-21287 and impacts Oracle Agile PLM Framework version 9.3.6. According to Oracle, the vulnerability is related to improper authorization controls within the application. An attacker can exploit the weakness remotely over HTTP without requiring valid login credentials. This significantly increases the risk of unauthorized access to affected systems.
If successfully exploited, the vulnerability can allow attackers to access sensitive information stored within Oracle Agile PLM environments. These systems often contain valuable business data such as product designs, engineering documents, manufacturing details, and supply chain information. Access to such data could expose critical company operations and intellectual property. The potential impact makes the flaw a serious concern for organizations using the software.
CISA’s decision to add the vulnerability to the KEV Catalog confirms that there is evidence of active exploitation. While the agency has not released information about the attackers involved or the organizations targeted, the warning indicates that the threat is real and ongoing. Vulnerabilities listed in the KEV Catalog are considered high-priority security risks. Organizations are expected to address them as quickly as possible.
Oracle previously released security updates to fix CVE-2024-21287. However, many organizations continue to operate outdated software versions due to delayed patching cycles or operational challenges. Attackers frequently search for systems that have not received available security updates. Unpatched vulnerabilities often provide an easy entry point into corporate environments.
Cybersecurity researchers have repeatedly warned that older vulnerabilities remain valuable to threat actors. Even after patches become available, many organizations fail to update their systems in a timely manner. Attackers take advantage of this gap by scanning internet-facing assets for known weaknesses. As a result, years-old vulnerabilities can continue to be exploited successfully.
Organizations using Oracle Agile PLM are advised to check whether their environments are running affected versions of the software. If vulnerable systems are identified, administrators should apply the latest available security updates without delay. Security teams should also monitor system logs for unusual activity and investigate any suspicious behavior. Additional security controls can help reduce the risk of compromise.
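The first step above, checking whether any deployed instance matches an affected version and how urgently it must be patched, is easy to automate against the KEV feed. The script below is an added example written for this page, not code from CISA, Oracle or the article. The JSON field names (`cveID`, `vendorProject`, `product`, `dateAdded`, `dueDate`, `requiredAction`, `knownRansomwareCampaignUse`) are those of the public KEV feed, but the embedded catalog entry, its dates, the affected-version mapping (built from the article's statement that Agile PLM Framework 9.3.6 is affected) and the host inventory are all constructed placeholders.

```python
"""
Cross-reference a software inventory against a CISA KEV catalog feed and
rank matching assets by remediation due date.
"""
import json
import re
from datetime import date

# Constructed sample in the shape of the CISA KEV JSON feed. The field names are
# the feed's own; the dates, description and action text are placeholders and
# are NOT the real catalog record for this CVE.
SAMPLE_KEV_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [
        {
            "cveID": "CVE-2024-21287",
            "vendorProject": "Oracle",
            "product": "Agile Product Lifecycle Management (PLM)",
            "vulnerabilityName": "Oracle Agile PLM improper authorization (placeholder name)",
            "dateAdded": "2025-01-01",                                   # placeholder date
            "shortDescription": "Placeholder description.",
            "requiredAction": "Apply vendor security updates (placeholder text).",
            "dueDate": "2025-01-22",                                     # placeholder date
            "knownRansomwareCampaignUse": "Unknown",
        }
    ],
})

# Affected versions per CVE. KEV entries carry no version ranges, so this
# mapping is maintained from the vendor advisory; the article names
# Agile PLM Framework 9.3.6. Keys are lower-case product keywords.
AFFECTED_VERSIONS = {
    "CVE-2024-21287": {"agile plm": {"9.3.6"}},
}

# Constructed inventory; hostnames, products and versions are illustrative only.
SAMPLE_INVENTORY = [
    {"host": "plm-prod-01.example.internal", "vendor": "Oracle",
     "product": "Agile PLM Framework", "version": "9.3.6"},
    {"host": "plm-dev-02.example.internal", "vendor": "oracle",
     "product": "agile  plm framework", "version": "9.3.6"},
    {"host": "db-01.example.internal", "vendor": "Oracle",
     "product": "Database Server", "version": "19.3"},
]


def load_kev(feed_text):
    """Parse a KEV feed document and index its entries by CVE id."""
    feed = json.loads(feed_text)
    return {entry["cveID"]: entry for entry in feed["vulnerabilities"]}


def normalize(name):
    """Lower-case and collapse whitespace so product names compare loosely."""
    return re.sub(r"\s+", " ", name.strip().lower())


def find_exposed(inventory, kev, affected, today):
    """Return one finding per asset whose vendor, product keyword and version
    match a KEV entry, sorted so the nearest due date comes first."""
    findings = []
    for asset in inventory:
        product = normalize(asset["product"])
        for cve_id, products in affected.items():
            entry = kev.get(cve_id)
            if entry is None:
                continue  # CVE not in this feed snapshot
            if normalize(asset["vendor"]) != normalize(entry["vendorProject"]):
                continue
            for keyword, versions in products.items():
                if keyword in product and asset["version"] in versions:
                    due = date.fromisoformat(entry["dueDate"])
                    findings.append({
                        "host": asset["host"],
                        "cve": cve_id,
                        "version": asset["version"],
                        "due_date": entry["dueDate"],
                        "days_to_due": (due - today).days,
                        "ransomware_use": entry.get("knownRansomwareCampaignUse", "Unknown"),
                        "required_action": entry.get("requiredAction", ""),
                    })
    findings.sort(key=lambda f: f["days_to_due"])
    return findings


def run_sample(today=date(2025, 1, 10)):
    """Run the check over the constructed feed and inventory (fixed date for reproducibility)."""
    return find_exposed(SAMPLE_INVENTORY, load_kev(SAMPLE_KEV_JSON), AFFECTED_VERSIONS, today)


if __name__ == "__main__":
    for f in run_sample():
        print(f"{f['host']}: {f['cve']} (v{f['version']}) due {f['due_date']}, "
              f"{f['days_to_due']} days left; action: {f['required_action']}")
```

In practice the feed text comes from a fresh download of the KEV JSON and the inventory from a CMDB or agent export; the version mapping is the one piece that has to be curated by hand from the vendor advisory, which is why the script keeps it in a separate table rather than guessing from the KEV entry.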
This latest warning serves as another reminder that patch management remains one of the most important cybersecurity practices. A vulnerability does not become harmless simply because it was discovered years ago. As long as affected systems remain exposed, attackers will continue to exploit known weaknesses. Keeping software updated is one of the most effective ways to protect sensitive data and critical business operations.