PT-2025-40920 · Ibm · Ibm Security Verify Access Docker+1

Publicado

2025-10-06

Atualizado

2025-12-15

CVE-2025-36356

CVSS v3.1

9.3

Crítica

Vetor

AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM Security Verify Access and IBM Security Verify Access Docker versions 10.0.0.0 through 10.0.9.0 IBM Security Verify Access and IBM Security Verify Access Docker versions 11.0.0.0 through 11.0.1.0

Description A locally authenticated user may be able to escalate their privileges to root due to execution with more privileges than required. The issue allows for local-to-root privilege escalation and is considered trivial for any authenticated user.

Recommendations Update IBM Security Verify Access to a version beyond 10.0.9.0 Update IBM Security Verify Access Docker to a version beyond 11.0.1.0

Correção

LPE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-250

Identificadores relacionados

BDU:2025-13673

CVE-2025-36356

Produtos afetados

Ibm Security Verify Access

Ibm Security Verify Access Docker

PT-2025-40920 · Ibm · Ibm Security Verify Access Docker+1

CVE-2025-36356

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13