Remote Command Execution Vulnerability in IBM AIX and VIOS
CVE-2025-36250

10CRITICAL

Key Information:

Vendor

IBM
Status
Aix
ViOS
Vendor
CVE Published:
13 November 2025

Badges

πŸ“ˆ Score: 527πŸ‘Ύ Exploit ExistsπŸ“° News Worthy

What is CVE-2025-36250?

CVE-2025-36250 is a remote command execution vulnerability found in IBM AIX versions 7.2 and 7.3, as well as in IBM VIOS versions 3.1 and 4.1. The vulnerability arises from improper process controls within the Network Installation Manager (NIM) server service, specifically its component called "nimesis." This flaw allows remote attackers to execute arbitrary commands on affected systems, which poses a serious security risk. Organizations using IBM AIX and VIOS may face significant operational disruptions and data integrity issues if exploited, as unauthorized command execution can lead to unauthorized access and manipulation of critical systems.

This vulnerability expands on previously identified attack vectors linked to an earlier flaw, CVE-2024-56346, highlighting the potential for compounded security issues. Its implications extend beyond immediate command execution, potentially enabling attackers to further infiltrate networks and escalate their access privileges, thereby increasing the overall risk to organizational security.

Potential Impact of CVE-2025-36250

  1. Unauthorized System Access: Exploiting this vulnerability could allow attackers to gain unauthorized access to sensitive systems, enabling them to manipulate or steal important data.

  2. Operational Disruption: The ability to execute arbitrary commands remotely may lead to unplanned system outages or disruptions, impacting business continuity and operations.

  3. Increased Attack Surface: This vulnerability provides additional vectors for exploitation, potentially compounding the risks associated with existing vulnerabilities and making it essential for organizations to reassess their security postures.

Affected Version(s)

AIX 7.2

AIX 7.3

VIOS 3.1

News Articles

favicon imageThe Stack

IBM patches CVSS 10 AIX bug:

Pre-auth RCE on an OS run in mission-critical environments? Might want to patch that...

3 weeks ago

favicon imageThe Cyber Express

IBM AIX Hit By 3 Critical Vulnerabilities, One A Perfect 10

IBM AIX vulnerabilities in the Power server operating system could allow remote attackers to execute arbitrary commands or steal credentials.

3 weeks ago

favicon imageCyber Press

IBM AIX Vulnerability Lets Remote Attackers Execute Arbitrary Commands

The vulnerabilities span multiple AIX versions and demand immediate remediation from affected organizations.

3 weeks ago

References

https://www.ibm.com/support/pages/node/7251173
vendor-advisorypatch

CVSS V3.1

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ“°

    First article discovered by GBHackers News

  • Vulnerability published

  • Vulnerability Reserved

Credit

These vulnerabilities were reported to IBM by Oneconsult AG (https://oneconsult.com/), Jan Alsenz.
JSON
.
CVE-2025-36250 : Remote Command Execution Vulnerability in IBM AIX and VIOS