CVE-2025-13375
Unknown Unknown - Not Provided
Command Injection in IBM CCA 7.5.52/8.4.82 Enables Privilege Escalation

Publication date: 2026-02-04

Last updated on: 2026-02-04

Assigner: IBM Corporation

Description
IBM Common Cryptographic Architecture (CCA)Β 7.5.52 andΒ 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-04
Last Modified
2026-02-04
Generated
2026-06-16
AI Q&A
2026-02-04
EPSS Evaluated
2026-06-14
NVD
CVE-2025-13375
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
ibm common_cryptographic_architecture 7.5.52
ibm common_cryptographic_architecture 8.4.82
ibm 4769_developers_toolkit 7.5.52
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-250 The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2025-13375 is a critical vulnerability in IBM's Common Cryptographic Architecture (CCA) versions 7.5.52 and 8.4.82, as well as the IBM 4769 Developers Toolkit version 7.5.52. It allows an unauthenticated attacker to execute arbitrary commands with elevated privileges on the affected system."}, {'type': 'paragraph', 'content': 'This means that an attacker does not need any prior access or user interaction to exploit this flaw, which can lead to severe impacts on the confidentiality, integrity, and availability of applications that use these cryptographic components.'}, {'type': 'paragraph', 'content': 'The vulnerability is classified under CWE-250 (Execution with Unnecessary Privileges) and has a CVSS v3.1 base score of 9.8, indicating critical severity with a network attack vector and low attack complexity.'}] [1]

Impact Analysis

[{'type': 'paragraph', 'content': "This vulnerability can severely impact the confidentiality, integrity, and availability of card and consuming applications that rely on IBM's Common Cryptographic Architecture."}, {'type': 'list_item', 'content': 'An unauthenticated attacker can execute arbitrary commands with elevated privileges.'}, {'type': 'list_item', 'content': 'This can lead to unauthorized access, data breaches, manipulation or destruction of sensitive data, and disruption of services.'}, {'type': 'list_item', 'content': 'Because no privileges or user interaction are required, the risk of exploitation is very high.'}] [1]

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate the vulnerability CVE-2025-13375 in IBM Common Cryptographic Architecture (CCA), IBM strongly recommends upgrading to the fixed versions of the affected software.

  • Upgrade CCA 7 MTM for 4769 to version 7.5.53.
  • Upgrade CCA 8 MTM for 4770 to version 8.4.84.
  • Upgrade IBM 4769 Developers Toolkit to version 7.5.53.

Platform-specific remediation instructions include:

  • For IBM AIX, download updated versions from the IBM 4769 and 4770 CCA Software Download Pages.
  • For IBM i, apply Program Temporary Fixes (PTFs) for IBM CCA Service Provider (5770-SS1 Option 35) and IBM Cryptographic Device Manager (5733-CY3) for releases 7.3 through 7.6.
  • For IBM PowerLinux and Linux on Intel x86, download updated versions from the respective IBM CCA Software Download Pages.

No workarounds or mitigations are available other than applying these updates.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-13375. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart