CVE-2025-33120
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-22

Last updated on: 2025-09-15

Assigner: IBM Corporation

Description
IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-22
Last Modified
2025-09-15
Generated
2026-06-16
AI Q&A
2025-08-22
EPSS Evaluated
2026-06-14
NVD
CVE-2025-33120
EUVD
EUVD-2025-25525
Affected Vendors & Products
Showing 28 associated CPEs
Vendor Product Version / Range
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_security_information_and_event_manager 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
ibm qradar_incident_forensics 7.5.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-250 The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in IBM QRadar SIEM versions 7.5 through 7.5.0 UP13 allows an authenticated user to escalate their privileges due to a misconfigured cronjob that executes with unnecessary privileges.

Impact Analysis

An attacker who is already authenticated could exploit this vulnerability to gain higher privileges than intended, potentially leading to full system compromise, unauthorized access to sensitive data, and disruption of system availability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-33120. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart