What is the CVSS score of CVE-2025-13375?

CVE-2025-13375 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of IBM are affected by CVE-2025-13375?

IBM CCA versions 7.5.52 and 8.4.82 contain a critical vulnerability allowing unauthenticated remote attackers to execute arbitrary commands with system-level privileges.

How to fix or mitigate CVE-2025-13375?

Within 24 hours: Identify all systems running IBM CCA 7.5.52 or 8.4.82 and isolate them from untrusted networks; enable enhanced logging and monitoring for suspicious access patterns. Within 7 days: Implement network-level access controls restricting CCA service ports to authorized systems only; apply any available interim security updates from IBM; engage IBM support for patch timeline. Within 30 days: Deploy patched CCA versions as soon as vendor releases are available; conduct forensic review for signs of compromise; execute full security assessment of affected systems.

IBM CVE-2025-13375

CRITICAL

Execution with Unnecessary Privileges (CWE-250)

2026-02-04 psirt@us.ibm.com

IBM

9.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

CVE Published

Feb 04, 2026 - 21:15 nvd

CRITICAL 9.8

DescriptionNVD

IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system.

AnalysisAI

IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 allows unauthenticated users to execute certain cryptographic operations that should require elevated privileges.

Technical ContextAI

IBM CCA has a CWE-250 execution with unnecessary privileges vulnerability that allows unauthenticated users to perform cryptographic operations requiring higher privilege levels.