CVE-2025-36004

EUVD-2025-19080 | Severity: HIGH | Published: 2025-06-25 | Assigner: [email protected]
CVSS 3.1 base score: 8.8

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Jun 25, 2025 03:15: CVE published (nvd), rated HIGH 8.8
Mar 15, 2026 23:19: EUVD ID assigned (euvd), EUVD-2025-19080
Mar 15, 2026 23:19: Analysis generated (vuln.today)

Description

IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user to gain elevated privileges due to an unqualified library call in IBM Facsimile Support for i. A malicious actor could cause user-controlled code to run with administrator privilege.

Analysis

CVE-2025-36004 is a privilege escalation vulnerability in IBM Facsimile Support for i on IBM i 7.2, 7.3, 7.4 and 7.5. It stems from an unqualified library call: the affected program references an object without naming its library, so the name is resolved through the caller's library list, and a user who can place a same-named object earlier in that list gets their own code run with the component's elevated privileges. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N) means an authenticated but otherwise low-privileged user who can reach the system over the network and invoke the component can exploit it with no user interaction, with high impact on confidentiality, integrity and availability. The 8.8 score is rated HIGH (one step below Critical); the practical risk is that an ordinary authenticated user, not an administrator, can obtain administrator-level privilege on the system.

Technical Context

The vulnerability is classified as CWE-427 (Uncontrolled Search Path Element); the closely related CWE-426 (Untrusted Search Path) covers the same family. CWE-427 describes a product that locates a resource through a search path containing an element an attacker can control. On IBM i that search path is the job's library list (*LIBL): when a program calls another object without qualifying it with a library (CALL PGM(NAME) rather than CALL PGM(LIB/NAME)), the system walks the library list in order and runs the first object of that name it finds. If the calling program runs with elevated authority, for example by adopting its owner's authority, and a library the attacker can write to (QTEMP, QGPL, or a user library added with ADDLIBLE) appears ahead of the product library in the list, the attacker's object executes with that authority. This is why fully qualified references in privileged programs and strict control of the system and user portions of the library list are long-standing IBM i security practice. The affected products are IBM i 7.2 through 7.5 with Facsimile Support for i installed.
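The pattern described above, as an added CL illustration that is not the Facsimile Support for i source and not taken from the page: the program FAXSVC in library FAXPRD, its owner FAXOWNER (who holds *ALLOBJ), the callee FAXUTIL and the attacker's library are all hypothetical names chosen for the example. The two PGM/ENDPGM blocks are separate source members (the vulnerable FAXSVC and its hardened replacement); the commands in comments are what each side types.

```cl
/* Member FAXSVC, vulnerable version. Compiled to adopt its owner's authority:      */
/*   CRTCLPGM PGM(FAXPRD/FAXSVC) SRCFILE(FAXPRD/QCLSRC) USRPRF(*OWNER)              */
/* FAXOWNER holds *ALLOBJ; ordinary users hold *USE on FAXSVC so they can run it.   */
PGM
   /* Unqualified call: the name is resolved through the caller's *LIBL, so the     */
   /* first FAXUTIL *PGM found in the library list runs, and because it is called   */
   /* from a program that adopted FAXOWNER's authority it runs with *ALLOBJ.        */
   CALL       PGM(FAXUTIL)
ENDPGM

/* What a low-privileged caller does with that. QTEMP is job-private and precedes   */
/* FAXPRD in the default library list, so a look-alike placed there wins the        */
/* search. USEADPAUT(*YES) is the CRTCLPGM default: the look-alike uses the        */
/* authority adopted by FAXSVC higher in the call stack.                            */
/*   CRTCLPGM PGM(QTEMP/FAXUTIL) SRCFILE(QTEMP/QCLSRC) USEADPAUT(*YES)               */
/*   CALL PGM(FAXPRD/FAXSVC)                                                         */
/* Body of the attacker's FAXUTIL member (benign here; anything placed in it runs   */
/* with the adopted *ALLOBJ):                                                       */
/*   PGM                                                                             */
/*      SNDPGMMSG  MSG('FAXUTIL from QTEMP, running with adopted authority')          */
/*   ENDPGM                                                                          */

/* Member FAXSVC, hardened version.                                                 */
PGM
   /* Qualified with the product library: *LIBL is not consulted for this name, so   */
   /* an object of the same name in QTEMP or a user library cannot shadow it.        */
   CALL       PGM(FAXPRD/FAXUTIL)
ENDPGM
```

Qualifying the call is the fix for the flaw itself. Two platform controls limit the blast radius of any unqualified call that remains: the QUSEADPAUT system value can name an authorization list so that only trusted profiles may create programs with USEADPAUT(*YES), and the system portion of the library list (QSYSLIBL) should contain no library that ordinary users can write to.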

Affected Products

IBM i 7.2, 7.3, 7.4, 7.5 (with IBM Facsimile Support for i installed)

Remediation

Immediate remediation steps:
(1) Check whether Facsimile Support for i is installed and in use on each IBM i system running 7.2 through 7.5.
(2) Apply the PTFs IBM publishes for this CVE in its security bulletin; the fix is delivered per release, so confirm the PTF that matches each affected system.
(3) Monitor IBM security bulletins and the IBM PSIRT site for updates to the PTF list.
(4) Until patched, restrict network access to IBM i systems to trusted networks and limit which profiles can sign on to or call the Facsimile Support component; the attack requires only an authenticated low-privileged user.
(5) Review the library list configuration (QSYSLIBL, QUSRLIBL and job descriptions) and confirm that no library ordinary users can write to precedes the product library in the search order.
(6) Apply least privilege to user profiles and object authorities so that a profile which does exploit the flaw gains as little as possible.
(7) Enable IBM i security auditing: with *PGMADP and *CREATE in QAUDLVL the audit journal records adopted-authority use (AP entries) and object creation (CO entries), which together reveal a look-alike program being created and then run under adopted authority.
Refer to the IBM security bulletin for this CVE and the IBM PSIRT site for the specific PTF numbers and installation instructions.
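Steps (1) and (5) above as one added CL check, written for this page and not taken from IBM. It assumes the Facsimile Support for i product ID is 5798FAX (the hyphen-less form CHKPRDOPT expects) and that the Db2 for i services QSYS2.LIBRARY_LIST_INFO and QSYS2.OBJECT_STATISTICS are available, which they are on 7.2 and later. The SQL lists every *PGM name that exists in more than one library of the current job's library list; for each such name the earlier library wins an unqualified CALL, so any entry whose earlier library is user-writable is a shadowing candidate to investigate.

```cl
/* Added check: is the product installed, and which program names in the current   */
/* job's *LIBL resolve to more than one library? Product ID 5798FAX is assumed.     */
PGM
   DCL        VAR(&INSTALLED) TYPE(*LGL) VALUE('1')

   /* 1. CHKPRDOPT sends an escape message if the product is not installed.        */
   CHKPRDOPT  PRDID(5798FAX) RLS(*ONLY) OPTION(*BASE)
   MONMSG     MSGID(CPF0000) EXEC(CHGVAR VAR(&INSTALLED) VALUE('0'))
   IF         COND(*NOT &INSTALLED) THEN(DO)
      SNDPGMMSG  MSG('Facsimile Support for i (5798FAX) is not installed')
      RETURN
   ENDDO

   /* 2. Print the library list in search order for the review in step (5).        */
   DSPLIBL    OUTPUT(*PRINT)

   /* 3. Build QTEMP/SHADOW: one row per (library, program) whose program name     */
   /*    also exists in another library of *LIBL. POS is the search position.      */
   RUNSQL     SQL('CREATE TABLE QTEMP/SHADOW AS ( +
                   SELECT L.ORDINAL_POSITION AS POS, +
                          L.SYSTEM_SCHEMA_NAME AS LIB, +
                          O.OBJNAME, O.OBJOWNER +
                   FROM QSYS2.LIBRARY_LIST_INFO L, +
                        TABLE(QSYS2.OBJECT_STATISTICS(L.SYSTEM_SCHEMA_NAME, ''*PGM'')) O +
                   WHERE O.OBJNAME IN ( +
                      SELECT O2.OBJNAME +
                      FROM QSYS2.LIBRARY_LIST_INFO L2, +
                           TABLE(QSYS2.OBJECT_STATISTICS(L2.SYSTEM_SCHEMA_NAME, ''*PGM'')) O2 +
                      GROUP BY O2.OBJNAME HAVING COUNT(*) > 1 ) +
                   ) WITH DATA') +
              COMMIT(*NONE)

   /* 4. Show the result; sort by OBJNAME, POS to see which library wins each name. */
   RUNQRY     QRY(*NONE) QRYFILE((QTEMP/SHADOW))
ENDPGM
```

Run it from a job whose library list matches the one the Facsimile Support jobs actually use (the job description, not an administrator's interactive session), since that is the list an unqualified call in those jobs is resolved against.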

Priority Score

44 on a scale of Low / Medium / High / Critical
Components: KEV 0, EPSS +0.1, CVSS +44, POC 0
