CVE-2020-2950

CRITICAL

Oracle Business Intelligence <12.2.1.4.0 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-2950. PoCs published by tuo4n8.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2020-2950, an AMF deserialization vulnerability in Oracle Business Intelligence. The exploit leverages a crafted AMF payload to achieve remote code execution by chaining deserialization gadgets.

Description

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Business Intelligence Enterprise Edition. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Exploits (1)

nomisec WORKING POC

by tuo4n8 · poc

https://github.com/tuo4n8/CVE-2020-2950

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2020-2950, an AMF deserialization vulnerability in Oracle Business Intelligence. The exploit leverages a crafted AMF payload to achieve remote code execution by chaining deserialization gadgets.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Oracle Business Intelligence (versions 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0)

No auth needed

Prerequisites: Network access to the target Oracle BI server · Vulnerable version of Oracle BI

MITRE ATT&CK

T1189 - Drive-by Compromise T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Patch, Vendor Advisory x_refsource_misc

https://www.oracle.com/security-alerts/cpuapr2020.html

Third Party Advisory, VDB Entry x_refsource_misc

https://www.zerodayinitiative.com/advisories/ZDI-20-505/

Scores

CVSS v3 9.8

EPSS 0.7103

EPSS Percentile 99.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

Status published

Products (4)

oracle/business_intelligence 5.5.0.0.0

oracle/business_intelligence 11.1.1.9.0

oracle/business_intelligence 12.2.1.3.0

oracle/business_intelligence 12.2.1.4.0

Published Apr 15, 2020

Tracked Since Feb 18, 2026