CVE-2025-36004

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-36004
IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user to gain elevated privileges due to an unqualified library call in IBM Facsimile Support for i. A malicious actor could cause user-controlled code to run with administrator privilege.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.ibm.com/support/pages/node/7237732 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:ibm:i:7.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.5:*:*:*:*:*:*:*
cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*
History

03 Jul 2025, 20:53

Type Values Removed Values Added
References () https://www.ibm.com/support/pages/node/7237732 - () https://www.ibm.com/support/pages/node/7237732 - Vendor Advisory
First Time Ibm
Ibm i
CPE cpe:2.3:a:ibm:i:7.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.5:*:*:*:*:*:*:*
cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*

26 Jun 2025, 18:58

Type Values Removed Values Added
Summary
  • (es) IBM i 7.2, 7.3, 7.4 y 7.5 podría permitir que un usuario obtuviera privilegios elevados debido a una llamada de librería no cualificada en IBM Facsimile Support for i. Un agente malicioso podría provocar que código controlado por el usuario se ejecute con privilegios de administrador.

25 Jun 2025, 03:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-25 03:15

Updated : 2025-07-03 20:53

NVD link : CVE-2025-36004

Mitre link : CVE-2025-36004

CVE.ORG link : CVE-2025-36004

JSON object : View

Products Affected

ibm

  • i
CWE
CWE-427

Uncontrolled Search Path Element