CVE-2025-36356
published 2025-10-06CVE-2025-36356: IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated…
critical9.3CVSS 3.1
AVLACLPRNUINSCCHIHAH
IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to escalate their privileges to root due to execution with more privileges than required.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | security_verify_access | — | — |
| ibm | security_verify_access | >= 10.0.0.0 < 10.0.9.0 | 10.0.9.0 |
| ibm | security_verify_access_appliance | 10.0.0.0 – 10.0.9.0 IF2 | — |
| ibm | security_verify_access_appliance | 11.0.0.0 – 11.0.1.0 | — |
| ibm | security_verify_access_docker | — | — |
| ibm | security_verify_access_docker | >= 10.0.0.0 < 10.0.9.0 | 10.0.9.0 |
| ibm | security_verify_access_docker | 10.0.0.0 – 10.0.9.0 IF2 | — |
| ibm | security_verify_access_docker | 11.0.0.0 – 11.0.1.0 | — |
| ibm | verify_identity_access | — | — |
| ibm | verify_identity_access | >= 11.0.0.0 < 11.0.1.0 | 11.0.1.0 |
| ibm | verify_identity_access_docker | — | — |
| ibm | verify_identity_access_docker | >= 11.0.0.0 < 11.0.1.0 | 11.0.1.0 |