CVE-2025-33112 — Relative Path Traversal in IBM Vios

CWE-23 — Relative Path Traversal3 documents3 sources

Severity

8.4HIGHNVD

EPSS

0.1%

top 77.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX IBM Vios

Timeline

PublishedJun 10

Description

IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.5 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5ibm/vios4.1.1

▶NVDibm/vios4.1.1

▶CVEListV5ibm/aix7.3

▶NVDibm/aix7.3.3

🔴Vulnerability Details

GHSA

GHSA-p844-6jfp-89rq: IBM AIX 7↗2025-06-10

▶

CVEList

IBM AIX command execution↗2025-06-10

▶