CVE-2025-36004

CWE-4273 documents3 sources

Severity

8.8HIGH

EPSS

0.1%

top 75.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM I

Timeline

PublishedJun 25

Latest updateJun 26

Description

IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user to gain elevated privileges due to an unqualified library call in IBM Facsimile Support for i. A malicious actor could cause user-controlled code to run with administrator privilege.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5ibm/i4 versions+3

▶NVDibm/i4 versions+3

🔴Vulnerability Details

GHSA

GHSA-2w97-q69c-frhf: IBM i 7↗2025-06-26

▶

CVEList

IBM i privilege escalation↗2025-06-25

▶