CVE-2026-46781

Oracle · WebCenter Enterprise Capture

A critical vulnerability in the Oracle WebCenter Enterprise Capture Client Bundle allows unauthenticated remote attackers to compromise the system via RMI.

Executive summary

A critical vulnerability in Oracle WebCenter Enterprise Capture enables an unauthenticated attacker to gain full system control via RMI, necessitating immediate security intervention.

Vulnerability

This is a critical, remotely exploitable vulnerability in the Client Bundle of WebCenter Enterprise Capture that allows an unauthenticated attacker to take over the system via RMI.

Business impact

The CVSS score of 10.0 indicates a maximum-severity risk. A successful compromise allows an attacker to gain full control of the application, which could lead to unauthorized document access, system configuration changes, and severe operational disruption.

Remediation

Immediate Action: Patch the WebCenter Enterprise Capture software to the latest version.

Proactive Monitoring: Monitor for unusual RMI activity and unauthorized administrative access attempts within the network segment hosting the software.

Compensating Controls: Isolate the server from the internet and restrict RMI access to authenticated internal management systems.
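
One way to check the monitoring and access-restriction items above, as an added example (not Oracle's code and not part of the original advisory): it recognizes RMI by the JRMP stream header rather than by port and flags handshakes from sources outside an allowlist. The allowlist range, the record format and the sample rows are assumptions constructed for illustration; the advisory does not state which port the product listens on.

```python
import ipaddress

# JRMP (Java RMI wire protocol) stream header: magic "JRMI", 2-byte version,
# then one protocol byte: 0x4b Stream, 0x4c SingleOp, 0x4d Multiplex.
JRMP_MAGIC = b"JRMI"
JRMP_PROTOCOLS = {0x4B: "stream", 0x4C: "single-op", 0x4D: "multiplex"}

# Assumption: management hosts permitted to speak RMI to the Capture server.
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.30.0/28")]

def jrmp_protocol(payload: bytes):
    """Return the JRMP protocol name if payload opens a JRMP stream, else None."""
    if len(payload) < 7 or payload[:4] != JRMP_MAGIC:
        return None
    return JRMP_PROTOCOLS.get(payload[6])

def is_allowed(src: str) -> bool:
    """True if the source address falls inside an allowlisted network."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in ALLOWED_SOURCES)

def find_unexpected_rmi(records):
    """records: iterable of (src_ip, dst_port, first_payload_bytes_hex)."""
    alerts = []
    for src, dport, hex_payload in records:
        try:
            payload = bytes.fromhex(hex_payload)
        except ValueError:
            continue  # malformed capture row; skip rather than crash
        proto = jrmp_protocol(payload)
        if proto and not is_allowed(src):
            alerts.append({"src": src, "dst_port": dport, "jrmp": proto})
    return alerts

# Constructed sample records (not from a real capture).
SAMPLE = [
    ("10.20.30.5", 1099, "4a524d4900024b"),      # management host, JRMP
    ("192.0.2.77", 1099, "4a524d4900024b"),      # outside allowlist, JRMP
    ("192.0.2.77", 8443, "16030100c8010000c4"),  # TLS ClientHello, not JRMP
    ("198.51.100.9", 7005, "4a524d4900024c"),    # JRMP on a non-default port
    ("198.51.100.9", 1099, "zz"),                # malformed row
]

if __name__ == "__main__":
    for alert in find_unexpected_rmi(SAMPLE):
        print(alert)
```

Matching on the header catches RMI endpoints that are not on the default registry port 1099, which a port-only rule would miss.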

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

The criticality of this vulnerability cannot be overstated. Security teams must ensure all impacted Oracle WebCenter Enterprise Capture systems are updated immediately to prevent potential exploitation.