CVE-2025-36356
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-06
Last updated on: 2025-12-15
Assigner: IBM Corporation
Description
Description
IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to escalate their privileges to root due to execution with more privileges than required.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | security_verify_access | From 10.0.0.0 (inc) to 10.0.9.0 (exc) |
| ibm | security_verify_access | 10.0.9.0 |
| ibm | security_verify_access | 10.0.9.0 |
| ibm | security_verify_access | 10.0.9.0 |
| ibm | security_verify_access_docker | From 10.0.0.0 (inc) to 10.0.9.0 (exc) |
| ibm | security_verify_access_docker | 10.0.9.0 |
| ibm | security_verify_access_docker | 10.0.9.0 |
| ibm | security_verify_access_docker | 10.0.9.0 |
| ibm | verify_identity_access | From 11.0.0.0 (inc) to 11.0.1.0 (exc) |
| ibm | verify_identity_access | 11.0.1.0 |
| ibm | verify_identity_access_docker | From 11.0.0.0 (inc) to 11.0.1.0 (exc) |
| ibm | verify_identity_access_docker | 11.0.1.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-250 | The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
An attacker who has local access and authentication could exploit this vulnerability to gain root privileges, potentially leading to full system compromise, unauthorized access to sensitive data, and disruption of services.
Can you explain this vulnerability to me?
This vulnerability in IBM Security Verify Access and its Docker versions allows a locally authenticated user to escalate their privileges to root because the software executes with more privileges than necessary.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70