Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-36244

IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerberos network authentication, could allow a local user to write to files on the system with root privileges due to improper initialization of critical variables.

Published

2025-09-16T15:15:44.130

Last Modified

2025-10-17T14:34:38.477

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.4 (HIGH)

Weaknesses

Type: Secondary
CWE-454

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	vios	3.1	Yes
Application	ibm	vios	4.1	Yes
Operating System	ibm	aix	7.2	Yes
Operating System	ibm	aix	7.3	Yes
Operating System	ibm	aix	-	No

References

https://www.ibm.com/support/pages/node/7245092 Vendor Advisory ([email protected])