Remote Privilege Escalation in ibi WebFOCUS by TIBCO
CVE-2025-11548

9.3CRITICAL

Key Information:

Vendor: Ibi
Status: Webfocus
Vendor: CVE Published:; 14 October 2025

What is CVE-2025-11548?

A vulnerability in ibi WebFOCUS allows attackers to remotely escalate privileges without authentication, obtaining administrative access to the application. This unauthorized access can lead to malicious actions within the application, including the potential for remote code execution, posing a significant threat to system integrity and user data security.

Affected Version(s)

WebFOCUS 9.1 <= 3

WebFOCUS 9.2 <= 2

References

https://community.tibco.com/advisories/ibi-security-advis...

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 14, 2025
Vulnerability Reserved
Oct 9, 2025

JSON

Ibi

What is CVE-2025-11548?

Affected Version(s)

References

CVSS V4

Timeline