IBM Backup Services Vulnerability Let Attackers Escalate Privileges
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
A critical security vulnerability in IBM Backup, Recovery, and Media Services for the i platform that could allow attackers to gain elevated privileges and execute malicious code with component-level access to the host operating system.
The vulnerability, tracked as CVE-2025-33108, stems from an unqualified library call made by a BRMS program and carries a CVSS base score of 8.5, indicating high severity.
The security flaw affects IBM i versions 7.5 and 7.4, potentially exposing organizations running these systems to privilege escalation attacks.
According to IBM’s security bulletin published on June 13, 2025, the vulnerability could enable a user with compilation or program restoration capabilities to exploit the system through user-controlled code execution.
IBM Backup Services Privilege Escalation
The vulnerability is classified under CWE-250: Execution with Unnecessary Privileges and exploits an unqualified library call weakness within the BRMS architecture.
The attack vector requires network access with high attack complexity, low privileges, and no user interaction, as indicated by the CVSS vector (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).
A malicious actor who successfully exploits this vulnerability could cause user-controlled code to execute with elevated system privileges, potentially compromising the confidentiality, integrity, and availability of the affected system.
The scope change indicator in the CVSS vector suggests that the vulnerability could impact resources beyond the vulnerable component itself.
The technical nature of this flaw lies in how the BRMS program makes library calls without proper qualification, creating an opportunity for attackers to inject malicious code that runs with higher privileges than intended.
This type of vulnerability is particularly concerning in enterprise environments where backup and recovery systems often have extensive system access.
A successful exploit could provide attackers with extensive access to critical business data and system functions.
Risk Factors Details Affected ProductsIBM Backup, Recovery and Media Services for i (BRMS) versions 7.5 and 7.4ImpactPrivilege escalationExploit Prerequisites– User capabilities to compile or restore a program- Network access (AV:N) and low privileges (PR:L)CVSS 3.1 Score8.5 (High)
Mitigations
IBM has released Program Temporary Fixes (PTFs) to address the vulnerability across affected versions.
Organizations running IBM i Release 7.5 should apply PTF SJ05907, while those on Release 7.4 need to install PTF SJ05906. Both fixes are available through IBM’s support portal and Fix Central.
The patches target the 5770-BR1 product code specifically, addressing the unqualified library call issue that enables the privilege escalation.
System administrators can download the appropriate PTF from IBM’s MySupport portal using the provided links or access it through the centralized Fix Central repository.
Notably, IBM has indicated that no workarounds or mitigations are available for this vulnerability, making the application of the security patches the only viable solution.
This underscores the critical importance of immediate patch deployment for affected systems.
Organizations should prioritize the immediate deployment of the available PTFs, particularly in environments where backup systems are network-accessible or where multiple users have compilation or restoration privileges.
#Cyber_Security #Cyber_Security_News #IBM #Vulnerability #cyber_security #cyber_security_news
Оригинальная версия на сайте:
IBM Backup Services Vulnerability Let Attackers Escalate Privileges
Author: KaaviyaA critical security vulnerability in IBM Backup, Recovery, and Media Services for the i platform that could allow attackers to gain elevated privileges and execute malicious code with component-level access to the host operating system.
The vulnerability, tracked as CVE-2025-33108, stems from an unqualified library call made by a BRMS program and carries a CVSS base score of 8.5, indicating high severity.
The security flaw affects IBM i versions 7.5 and 7.4, potentially exposing organizations running these systems to privilege escalation attacks.
According to IBM’s security bulletin published on June 13, 2025, the vulnerability could enable a user with compilation or program restoration capabilities to exploit the system through user-controlled code execution.
IBM Backup Services Privilege Escalation
The vulnerability is classified under CWE-250: Execution with Unnecessary Privileges and exploits an unqualified library call weakness within the BRMS architecture.
The attack vector requires network access with high attack complexity, low privileges, and no user interaction, as indicated by the CVSS vector (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).
A malicious actor who successfully exploits this vulnerability could cause user-controlled code to execute with elevated system privileges, potentially compromising the confidentiality, integrity, and availability of the affected system.
The scope change indicator in the CVSS vector suggests that the vulnerability could impact resources beyond the vulnerable component itself.
The technical nature of this flaw lies in how the BRMS program makes library calls without proper qualification, creating an opportunity for attackers to inject malicious code that runs with higher privileges than intended.
This type of vulnerability is particularly concerning in enterprise environments where backup and recovery systems often have extensive system access.
A successful exploit could provide attackers with extensive access to critical business data and system functions.
Risk Factors Details Affected ProductsIBM Backup, Recovery and Media Services for i (BRMS) versions 7.5 and 7.4ImpactPrivilege escalationExploit Prerequisites– User capabilities to compile or restore a program- Network access (AV:N) and low privileges (PR:L)CVSS 3.1 Score8.5 (High)
Mitigations
IBM has released Program Temporary Fixes (PTFs) to address the vulnerability across affected versions.
Organizations running IBM i Release 7.5 should apply PTF SJ05907, while those on Release 7.4 need to install PTF SJ05906. Both fixes are available through IBM’s support portal and Fix Central.
The patches target the 5770-BR1 product code specifically, addressing the unqualified library call issue that enables the privilege escalation.
System administrators can download the appropriate PTF from IBM’s MySupport portal using the provided links or access it through the centralized Fix Central repository.
Notably, IBM has indicated that no workarounds or mitigations are available for this vulnerability, making the application of the security patches the only viable solution.
This underscores the critical importance of immediate patch deployment for affected systems.
Organizations should prioritize the immediate deployment of the available PTFs, particularly in environments where backup systems are network-accessible or where multiple users have compilation or restoration privileges.
#Cyber_Security #Cyber_Security_News #IBM #Vulnerability #cyber_security #cyber_security_news
Оригинальная версия на сайте:
