Configuration File Vulnerability in IBM QRadar SIEM by IBM
CVE-2025-33117

9.1CRITICAL

Key Information:

Vendor: IBM
Status: Qradar Siem
Vendor: CVE Published:; 19 June 2025

What is CVE-2025-33117?

The vulnerability permits a privileged user to alter configuration files within IBM QRadar SIEM. This alteration could facilitate the upload of a harmful autoupdate file, leading to the execution of arbitrary commands, potentially compromising the system.

Affected Version(s)

QRadar SIEM 7.5 <= 7.5.0 Update Pack 12

References

https://www.ibm.com/support/pages/node/7237317

vendor-advisory

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2025
Vulnerability Reserved
Apr 15, 2025

Credit

John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, Dawid Bak