IBM Security Verify Access privilege escalation_CVE-2025-36356

9.3 / 10

CRITICAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Description

IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to escalate their privileges to root due to execution with more privileges than required.

Basic Information

ID CVE-2025-36356

Source ibm

Published Oct 6, 2025 at 16:50

Modified Oct 6, 2025 at 16:54

Affected Product

Vendor IBM

Product Security Verify Access Appliance

Version 10.0.0.0

Affected Versions IBM Security Verify Access Appliance 10.0.0.0
IBM Security Verify Access Appliance 11.0.0.0
IBM Security Verify Access Docker 10.0.0.0
IBM Security Verify Access Docker 11.0.0.0

CWE Classification

CWE-250

References

www.ibm.com /support/pages/node/7247215

{
    "lastseen": "",
    "description": "IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to escalate their privileges to root due to execution with more privileges than required.",
    "published": "2025-10-06T16:50:48.729Z",
    "modified": "2025-10-06T16:54:00.616Z",
    "type": "cve",
    "title": "IBM Security Verify Access privilege escalation",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7247215",
    "id": "CVE-2025-36356",
    "bulletinFamily": "",
    "cwe": [
        "CWE-250"
    ],
    "cvelist": null,
    "sourceData": "IBM Security Verify Access Appliance 10.0.0.0\nIBM Security Verify Access Appliance 11.0.0.0\nIBM Security Verify Access Docker 10.0.0.0\nIBM Security Verify Access Docker 11.0.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Security Verify Access Appliance",
    "version": "10.0.0.0",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}