CVE-2025-1411
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-06-15

Last updated on: 2025-08-11

Assigner: IBM Corporation

Description
IBM Security Verify Directory Container 10.0.0.0 through 10.0.3.1 could allow a local user to execute commands as root due to execution with unnecessary privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-06-15
Last Modified
2025-08-11
Generated
2026-05-07
AI Q&A
2025-06-15
EPSS Evaluated
2026-05-05
NVD
CVE-2025-1411
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ibm security_verify_directory From 10.0.0 (inc) to 10.0.3.1 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-250 The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in IBM Security Verify Directory Container versions 10.0.0.0 through 10.0.3.1 allows a local user to execute commands with root privileges because the software runs with unnecessary elevated privileges. It is classified as CWE-250: Execution with Unnecessary Privileges. [1]


How can this vulnerability impact me? :

The vulnerability can allow a local attacker with low privileges to execute commands as root, potentially leading to full system compromise. It has a high impact on confidentiality, integrity, and availability of the affected system. [1]


What immediate steps should I take to mitigate this vulnerability?

IBM strongly recommends updating IBM Security Verify Directory Container to version 10.0.4.0 or later to remediate this vulnerability. No workarounds or mitigations are provided. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart