CVE-2025-14604
Received Received - Intake
Permission Escalation in IBM Storage Scale Allowing Unauthorized Execution

Publication date: 2026-03-03

Last updated on: 2026-03-04

Assigner: IBM Corporation

Description
IBM Storage Scale IBM S through rage Scale 5.2.3.0 - 5.2.3.5, and IBM S through rage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources in a way that allows that resource to be executed by unintended actors.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-03
Last Modified
2026-03-04
Generated
2026-06-16
AI Q&A
2026-03-03
EPSS Evaluated
2026-06-15
NVD
CVE-2025-14604
EUVD
EUVD-2025-208252
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
ibm storage_scale From 5.2.3.0 (inc) to 5.2.3.6 (exc)
ibm storage_scale From 6.0.0.0 (inc) to 6.0.0.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-732 The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-14604 affects IBM Storage Scale versions 5.2.3.0 through 5.2.3.5 and 6.0.0.0 through 6.0.0.1. The vulnerability occurs when a directory has a specific Access Control List (ACL) composition that can unintentionally grant execute permissions on resources to local users. This misconfiguration allows unintended actors to execute those resources, representing an incorrect permission assignment issue classified under CWE-732.

Impact Analysis

This vulnerability can allow a local user with low privileges and requiring user interaction to gain improper execute permissions on critical resources. This can lead to unauthorized execution of resources by unintended actors, resulting in high confidentiality and integrity impacts. However, it does not affect system availability.

Compliance Impact

I don't know

Detection Guidance

The vulnerability arises when a directory has a specific Access Control List (ACL) composition that allows unintended execute permissions. Detection involves checking for such ACL misconfigurations on your IBM Storage Scale system.

However, no specific detection commands or network/system scanning methods are provided in the available information.

Mitigation Strategies

The recommended immediate step to mitigate this vulnerability is to upgrade IBM Storage Scale to versions 5.2.3.6 or 6.0.0.2 or later, where the issue has been remediated.

No workarounds or alternative mitigations are provided, so applying the fixed versions is strongly advised.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14604. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart