PT-2025-37994 · Ibm · Aix+2
Published
2025-09-16
·
Updated
2025-10-17
·
CVE-2025-36244
CVSS v3.1
7.4
High
| Vector | AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM AIX versions 7.2 through 7.3
IBM VIOS versions 3.1 through 4.1
Description
IBM AIX and VIOS, when configured to use Kerberos network authentication, may allow a local user to gain root privileges by writing to files on the system due to improper initialization of critical variables.
Recommendations
IBM AIX version 7.2: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
IBM AIX version 7.3: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
IBM VIOS version 3.1: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
IBM VIOS version 4.1: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aix
Ibm Aix
Vios