CVE-2025-14604
Received Received - Intake
Permission Escalation in IBM Storage Scale Allowing Unauthorized Execution

Publication date: 2026-03-03

Last updated on: 2026-03-04

Assigner: IBM Corporation

Description
IBM Storage Scale IBM S through rage Scale 5.2.3.0 - 5.2.3.5, and IBM S through rage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources in a way that allows that resource to be executed by unintended actors.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-03
Last Modified
2026-03-04
Generated
2026-05-07
AI Q&A
2026-03-03
EPSS Evaluated
2026-05-05
NVD
CVE-2025-14604
EUVD
EUVD-2025-208252
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
ibm storage_scale From 5.2.3.0 (inc) to 5.2.3.6 (exc)
ibm storage_scale From 6.0.0.0 (inc) to 6.0.0.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-732 The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-14604 affects IBM Storage Scale versions 5.2.3.0 through 5.2.3.5 and 6.0.0.0 through 6.0.0.1. The vulnerability occurs when a directory has a specific Access Control List (ACL) composition that can unintentionally grant execute permissions on resources to local users. This misconfiguration allows unintended actors to execute those resources, representing an incorrect permission assignment issue classified under CWE-732.


How can this vulnerability impact me? :

This vulnerability can allow a local user with low privileges and requiring user interaction to gain improper execute permissions on critical resources. This can lead to unauthorized execution of resources by unintended actors, resulting in high confidentiality and integrity impacts. However, it does not affect system availability.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

The vulnerability arises when a directory has a specific Access Control List (ACL) composition that allows unintended execute permissions. Detection involves checking for such ACL misconfigurations on your IBM Storage Scale system.

However, no specific detection commands or network/system scanning methods are provided in the available information.


What immediate steps should I take to mitigate this vulnerability?

The recommended immediate step to mitigate this vulnerability is to upgrade IBM Storage Scale to versions 5.2.3.6 or 6.0.0.2 or later, where the issue has been remediated.

No workarounds or alternative mitigations are provided, so applying the fixed versions is strongly advised.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart