CVE-2025-13375
Command Injection in IBM CCA 7.5.52/8.4.82 Enables Privilege Escalation
Publication date: 2026-02-04
Last updated on: 2026-02-04
Assigner: IBM Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | common_cryptographic_architecture | 7.5.52 |
| ibm | common_cryptographic_architecture | 8.4.82 |
| ibm | 4769_developers_toolkit | 7.5.52 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-250 | The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2025-13375 is a critical vulnerability in IBM's Common Cryptographic Architecture (CCA) versions 7.5.52 and 8.4.82, as well as the IBM 4769 Developers Toolkit version 7.5.52. It allows an unauthenticated attacker to execute arbitrary commands with elevated privileges on the affected system."}, {'type': 'paragraph', 'content': 'This means that an attacker does not need any prior access or user interaction to exploit this flaw, which can lead to severe impacts on the confidentiality, integrity, and availability of applications that use these cryptographic components.'}, {'type': 'paragraph', 'content': 'The vulnerability is classified under CWE-250 (Execution with Unnecessary Privileges) and has a CVSS v3.1 base score of 9.8, indicating critical severity with a network attack vector and low attack complexity.'}] [1]
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': "This vulnerability can severely impact the confidentiality, integrity, and availability of card and consuming applications that rely on IBM's Common Cryptographic Architecture."}, {'type': 'list_item', 'content': 'An unauthenticated attacker can execute arbitrary commands with elevated privileges.'}, {'type': 'list_item', 'content': 'This can lead to unauthorized access, data breaches, manipulation or destruction of sensitive data, and disruption of services.'}, {'type': 'list_item', 'content': 'Because no privileges or user interaction are required, the risk of exploitation is very high.'}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
To mitigate the vulnerability CVE-2025-13375 in IBM Common Cryptographic Architecture (CCA), IBM strongly recommends upgrading to the fixed versions of the affected software.
- Upgrade CCA 7 MTM for 4769 to version 7.5.53.
- Upgrade CCA 8 MTM for 4770 to version 8.4.84.
- Upgrade IBM 4769 Developers Toolkit to version 7.5.53.
Platform-specific remediation instructions include:
- For IBM AIX, download updated versions from the IBM 4769 and 4770 CCA Software Download Pages.
- For IBM i, apply Program Temporary Fixes (PTFs) for IBM CCA Service Provider (5770-SS1 Option 35) and IBM Cryptographic Device Manager (5733-CY3) for releases 7.3 through 7.6.
- For IBM PowerLinux and Linux on Intel x86, download updated versions from the respective IBM CCA Software Download Pages.
No workarounds or mitigations are available other than applying these updates.