Privilege Escalation Vulnerability in IBM Concert Products
CVE-2025-33088

7.4HIGH

Key Information:

Vendor

IBM
Status
Concert
Vendor
CVE Published:
17 February 2026

What is CVE-2025-33088?

A vulnerability in IBM Concert versions 1.0.0 through 2.1.0 allows a local user to escalate privileges by exploiting incorrect file permissions on critical resources. This misconfiguration could grant unauthorized access to sensitive components of the system, posing significant security risks.

Affected Version(s)

Concert 1.0.0 <= 2.1.0

References

https://www.ibm.com/support/pages/node/7260161
vendor-advisorypatch

CVSS V3.1

Score:
7.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.