CVE-2024-25050

HIGH

IBM i <7.6 - Privilege Escalation

Title source: llm

Description

IBM i 7.2, 7.3, 7.4, 7.5 and IBM Rational Development Studio for i 7.2, 7.3, 7.4, 7.5 networking and compiler infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privileges. IBM X-Force ID: 283242.

References (3)

[Vendor Advisory] https://exchange.xforce.ibmcloud.com/vulnerabilities/283242

[Vendor Advisory] https://www.ibm.com/support/pages/node/7149616

[Vendor Advisory] https://www.ibm.com/support/pages/node/7149672

Scores

CVSS v3 8.4

EPSS 0.0007

EPSS Percentile 21.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status published

Affected Products (8)

ibm/rational_developer_for_i

ibm/i

Timeline

Published Apr 28, 2024

Tracked Since Feb 18, 2026