CVE-2026-35288: Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Deployment Package)
Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Deployment Package). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where PeopleSoft Enterprise PT PeopleTools executes to compromise PeopleSoft Enterprise PT PeopleTools. While the vulnerability is in PeopleSoft Enterprise PT PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PT PeopleTools. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Metrics
- CVSS v3.1: 8.2
- Severity: HIGH
- Fixed in: —
- Affected Products: 1
HarborGuard Analysis
Synopsis
This is a local privilege escalation and takeover vulnerability in the Deployment Package component of Oracle PeopleSoft Enterprise PT PeopleTools, affecting versions 8.61 and 8.62. An attacker must already have a high-privileged account with local logon access to the infrastructure where PeopleTools runs, but no network exposure or victim interaction is needed. Successful exploitation gives the attacker full control over the PeopleTools instance, with impact that spills beyond the directly affected product into other components on the same host (scope change). HarborGuard is tracking this advisory and will make a patched-image rebuild available the moment Oracle publishes a fix.
HarborGuard Coverage
Detection is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against all customer images, including custom-built images that package PeopleTools components. Any image running an affected version (8.61 or 8.62) of PeopleSoft Enterprise PT PeopleTools is flagged automatically.
Status: Available
HarborGuard scores this finding at CVSS 8.2 (HIGH) and weights it against each environment's compliance policy to determine urgency and routing. Triage results are delivered to the appropriate team inbox within the customer organization based on configured ownership rules.
Status: Available
Because no upstream fix version has been published for CVE-2026-35288, HarborGuard re-checks the Oracle advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment a fix is released. In the meantime, customers can apply compensating controls through HarborGuard's policy engine, including flagging affected images for restricted deployment.
Status: Pending upstream
Exploit Conditions
- Network reachability: Not required
  The attacker needs an existing shell or process on the host; no network path to the service is required.
- Authentication: Required
  A high-privileged (admin-level) account on the local infrastructure is needed before the attack can proceed.
- Victim interaction: Not required
  No user interaction is needed; the attacker can execute the exploit entirely without involving another person.
- Attack complexity: Low
  Attack complexity is Low, meaning the exploit is reliable and imposes no special environmental conditions or timing requirements on the attacker.
Blast Radius
- Reads all data accessible to the PeopleTools process, including credentials, configuration secrets, and application data stored on the host.
- Modifies or destroys PeopleTools application data and configuration, potentially corrupting deployment packages and dependent components.
- Crashes or renders the PeopleTools service unavailable, disrupting dependent business processes.
- Because the scope changes, compromise extends beyond PeopleTools itself to other products or services co-located on the same infrastructure.
How HarborGuard Handles This
Available on HarborGuard: images running PeopleSoft Enterprise PT PeopleTools 8.61 or 8.62 are detected and flagged as affected by this HIGH-severity CVE within minutes of the advisory being ingested. Because Oracle has not yet published a fix, HarborGuard monitors the advisory on every ingest cycle and will surface a patched-image rebuild automatically once an upstream fix is available. For customers who opt into auto-remediation, the rebuild, regression-test run, and PR against affected workloads will be triggered without manual intervention at that point. In the interim, compensating controls are available through HarborGuard's policy engine: network-policy isolation can restrict which workloads are permitted to run affected images, and deployment gates can be configured to block promotion of vulnerable image versions into production environments until a patch is confirmed.
- Oracle Corporation / PeopleSoft Enterprise PT PeopleTools: 8.61 · 8.62
  CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H