India, July 21 -- Tenable, an exposure management company, has identified a Remote Code Execution (RCE) vulnerability in Oracle Cloud Infrastructure (OCI) Code Editor, a service designed for developers working within Oracle's Cloud Shell ecosystem. This vulnerability could have allowed attackers to run malicious code on a server without needing direct access.

The RCE vulnerability enables threat actors to silently hijack a victim's Cloud Shell environment, with just one click by the victim and potentially move across other OCI services. Once compromised, an attacker could execute arbitrary commands, access sensitive credentials, and pivot to other OCI services like Resource Manager, Functions, and Data Science. This could lead to broader...