Remote Code Execution Vulnerability in IBM Security Verify Access
CVE-2025-36355
8.5HIGH
Key Information:
- Vendor
IBM
- Vendor
- CVE Published:
- 6 October 2025
What is CVE-2025-36355?
A vulnerability in IBM Security Verify Access allows a locally authenticated user to execute unauthorized scripts outside of their control sphere. This poses a risk by potentially enabling malicious actors to execute scripts on the system, leading to escalated privileges and other security concerns. The affected versions include IBM Security Verify Access 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0. Users and administrators are urged to apply patches promptly to safeguard their systems.
Affected Version(s)
Security Verify Access Appliance 10.0.0.0 <= 10.0.9.0 IF2
Security Verify Access Appliance 11.0.0.0 <= 11.0.1.0
Security Verify Access Docker 10.0.0.0 <= 10.0.9.0 IF2