PT-2025-20427 · Ibm · Ibm Cics Tx Standard+1

Published

2025-05-08

Updated

2025-05-09

CVE-2025-1331

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM CICS TX Standard version 11.1 IBM CICS TX Advanced versions 10.1 through 11.1

Description The issue allows a local user to execute arbitrary code on the system due to the unsafe use of the gets function.

Recommendations For IBM CICS TX Standard version 11.1, update to a version that fixes the unsafe use of the gets function. For IBM CICS TX Advanced versions 10.1 through 11.1, update to a version that fixes the unsafe use of the gets function. As a temporary workaround, consider restricting access to the affected systems to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-242

Related Identifiers

CVE-2025-1331

Affected Products

Ibm Cics Tx Advanced

Ibm Cics Tx Standard

PT-2025-20427 · Ibm · Ibm Cics Tx Standard+1

CVE-2025-1331

Weakness Enumeration

Related Identifiers

Affected Products

References · 9