PT-2025-24719 · Ibm+1 · Ibm Vios+2
Published
2025-06-10
·
Updated
2025-06-10
·
CVE-2025-33112
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM AIX version 7.3
IBM VIOS version 4.1.1
Description
The issue is related to the improper neutralization of pathname input in the Perl implementation, which could allow a non-privileged local user to execute arbitrary code.
Recommendations
For IBM AIX version 7.3, update to a version that properly neutralizes pathname input to prevent arbitrary code execution.
For IBM VIOS version 4.1.1, update to a version that properly neutralizes pathname input to prevent arbitrary code execution.
As a temporary workaround, consider restricting access to the Perl implementation until a patch is available.
Fix
Relative Path Traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Aix
Ibm Vios
Perl