EUVD-2025-209253

CVE-2025-13044 | MEDIUM 6.2 (CVSS 3.1) | 2026-04-07 | ibm | GHSA-32vv-mwc8-ch6p
CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: High
Availability: None

Lifecycle Timeline

EUVD ID Assigned: Apr 07, 2026 - 01:45 (euvd) - EUVD-2025-209253
Analysis Generated: Apr 07, 2026 - 01:45 (vuln.today)
Patch Released: Apr 07, 2026 - 01:45 (nvd) - Patch available
CVE Published: Apr 07, 2026 - 01:07 (nvd) - MEDIUM 6.2

Description

IBM Concert 1.0.0 through 2.2.0 creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.

Analysis

IBM Concert versions 1.0.0 through 2.2.0 create temporary files with predictable names, allowing local unauthenticated attackers to overwrite arbitrary files through symlink attacks. An attacker with local system access can exploit this insecure temporary file handling to modify critical application or system files, achieving high integrity impact. No public exploit code or active exploitation has been confirmed at time of analysis.

Technical Context

This vulnerability stems from inadequate temporary file creation practices, classified under CWE-340 (Generation of Predictable Numbers or Identifiers). When IBM Concert generates temporary files during operation, it uses predictable naming schemes without proper protections against symlink attacks. A local attacker can predict the temporary file path and create a symbolic link there in advance pointing at a target file; when the application later writes to the predictable location, the write follows the symlink and lands in the file the attacker chose. This is a classic TOCTOU (time-of-check to time-of-use) variant affecting local file operations. The affected product is IBM Concert, a collaboration and integration platform, across all versions from 1.0.0 through 2.2.0 (CPE: cpe:2.3:a:ibm:concert:*:*:*:*:*:*:*:*).

Affected Products

IBM Concert versions 1.0.0 through 2.2.0 are affected (CPE: cpe:2.3:a:ibm:concert:*:*:*:*:*:*:*:*). The vendor advisory is available at https://www.ibm.com/support/pages/node/7268620, which contains the definitive list of affected releases and patched versions.

Remediation

Upgrade IBM Concert to the patched version released by IBM. Organizations should consult the vendor advisory at https://www.ibm.com/support/pages/node/7268620 for the specific fixed release version applicable to their deployment. As an interim mitigation, restrict local system access to IBM Concert installation and temporary file directories to trusted users only, and monitor file system activity for suspicious symlink creation in temporary directories. Ensure the host operating system enforces secure temporary file creation protections if available (e.g., restrictive umask, secure tmpdir implementations).
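As an added illustration (not IBM's code and not taken from the advisory) of the hardened temporary-file pattern that the Technical Context and Remediation sections point at: an unpredictable name combined with exclusive creation (O_CREAT|O_EXCL|O_NOFOLLOW), plus a constructed self-check that a symlink pre-planted at a predictable name is refused rather than written through. The directory layout, file names and the `concert-` prefix are assumptions made for the demo.

```python
import os
import secrets
import stat
import tempfile

# O_NOFOLLOW is absent on Windows; O_CREAT|O_EXCL alone already refuses existing paths.
_EXCL_FLAGS = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)

def open_exclusive(path: str, mode: int = 0o600) -> int:
    """Create `path` as a brand-new regular file. If anything (file or symlink)
    already exists there, the kernel fails with EEXIST instead of writing through it."""
    return os.open(path, _EXCL_FLAGS, mode)

def create_private_tempfile(directory: str, prefix: str = "concert-") -> str:
    """Hardened counterpart of the predictable-name pattern: random suffix plus
    exclusive creation, retrying when a candidate name is already taken."""
    for _ in range(16):
        candidate = os.path.join(directory, prefix + secrets.token_hex(16))
        try:
            fd = open_exclusive(candidate)
        except FileExistsError:
            continue  # taken, possibly planted: never reuse it, pick another
        os.close(fd)
        return candidate
    raise RuntimeError("could not create a unique temporary file")

def demo() -> dict:
    """Constructed scenario (not a real Concert layout): a symlink already sits
    at the predictable name; check that the hardened calls never follow it."""
    workdir = tempfile.mkdtemp()  # private 0700 directory, itself a mitigation
    target = os.path.join(workdir, "victim.conf")
    with open(target, "w") as f:
        f.write("original\n")
    planted = os.path.join(workdir, "concert.tmp")  # the predictable name
    os.symlink(target, planted)
    try:
        os.close(open_exclusive(planted))
        refused = False
    except OSError:  # EEXIST: the pre-planted symlink was refused, not followed
        refused = True
    safe_path = create_private_tempfile(workdir)
    st = os.lstat(safe_path)
    with open(target) as f:
        unchanged = f.read() == "original\n"
    return {
        "exclusive_refused": refused,
        "target_unchanged": unchanged,
        "safe_is_regular_file": stat.S_ISREG(st.st_mode),
        "safe_private_to_owner": (stat.S_IMODE(st.st_mode) & 0o077) == 0,
    }
```

Running `demo()` on a POSIX host should report every key as True; a False `exclusive_refused` would mean the platform followed the symlink, which is exactly the behaviour the advisory describes.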

Priority Score

31 (scale: Low / Medium / High / Critical)

KEV: 0
EPSS: +0.0
CVSS: +31
POC: 0

EUVD-2025-209253 vulnerability details – vuln.today