← back
CVE-2025-36120

IBM Storage Virtualize privilege escalation

CVSS 8.8 HIGHEPSS 0.3%CWE-863
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.8EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
18 Aug 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
IBM · Storage Virtualize