{"id":665,"date":"2025-04-19T11:01:32","date_gmt":"2025-04-19T11:01:32","guid":{"rendered":"http:\/\/localhost\/?p=665"},"modified":"2025-04-19T11:01:32","modified_gmt":"2025-04-19T11:01:32","slug":"cve-2025-2947-ibm-i-privilege-escalation","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=665","title":{"rendered":"CVE-2025-2947 IBM i privilege escalation"},"content":{"rendered":"
\n

Vulnerability Details<\/h2>\n
\n

Basic Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nCVE-2025-2947 IBM i privilege escalation<\/td>\n<\/tr>\n
Type<\/th>\nvulnrichment<\/td>\n<\/tr>\n
Published<\/th>\n2025-04-17T17:10:52<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-04-17T18:22:29<\/td>\n<\/tr>\n
CVSS Score<\/th>\n7.2 (HIGH)<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVSS v3 Details<\/h3>\n\n\n\n\n\n\n\n\n\n
Attack Vector<\/th>\nNETWORK<\/td>\n<\/tr>\n
Attack Complexity<\/th>\nLOW<\/td>\n<\/tr>\n
Privileges Required<\/th>\nHIGH<\/td>\n<\/tr>\n
User Interaction<\/th>\nNONE<\/td>\n<\/tr>\n
Scope<\/th>\nUNCHANGED<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Integrity Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Availability Impact<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVE Information<\/h3>\n\n\n\n\n
CVE IDs<\/th>\nCVE-2025-2947<\/td>\n<\/tr>\n
CWE<\/th>\nCWE-278<\/td>\n<\/tr>\n
Bulletin Family<\/th>\ncve<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

Description<\/h3>\n
\n IBM i 7.6\u00a0<\/p>\n

contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command. \u00a0A malicious actor can use the command to elevate privileges to gain root access to the host operating system.\n <\/p><\/div>\n<\/p><\/div>\n

\n

Impact Assessment<\/h3>\n\n\n\n
Base Score<\/th>\n7.2<\/td>\n<\/tr>\n
Severity<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n