CVE-2025-36356

IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to escalate their privileges to root due to execution with more privileges than required.

CVSS v3 9.3 CRITICAL

9.3^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 2.5 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7247215	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:security_verify_access::::::::
	cpe:2.3:a:ibm:security_verify_access:10.0.9.0:-::::::
	cpe:2.3:a:ibm:security_verify_access:10.0.9.0:interim_fix1::::::
	cpe:2.3:a:ibm:security_verify_access:10.0.9.0:interim_fix2::::::
	cpe:2.3:a:ibm:security_verify_access_docker::::::::
	cpe:2.3:a:ibm:security_verify_access_docker:10.0.9.0:-::::::
	cpe:2.3:a:ibm:security_verify_access_docker:10.0.9.0:interim_fix1::::::
	cpe:2.3:a:ibm:security_verify_access_docker:10.0.9.0:interim_fix2::::::

Configuration 2 (hide)

OR	cpe:2.3:a:ibm:verify_identity_access::::::::
	cpe:2.3:a:ibm:verify_identity_access:11.0.1.0:-::::::
	cpe:2.3:a:ibm:verify_identity_access_docker::::::::
	cpe:2.3:a:ibm:verify_identity_access_docker:11.0.1.0:-::::::

History

No history.

Information

Published : 2025-10-06 17:16

Updated : 2025-12-15 19:20

NVD link : CVE-2025-36356

Mitre link : CVE-2025-36356

CVE.ORG link : CVE-2025-36356

JSON object : View

Products Affected

ibm

verify_identity_access_docker
verify_identity_access
security_verify_access_docker
security_verify_access

CWE

CWE-250

Execution with Unnecessary Privileges

{"id": "CVE-2025-36356", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.3, "attackVector": "LOCAL", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.5}]}, "published": "2025-10-06T17:16:05.507", "references": [{"url": "https://www.ibm.com/support/pages/node/7247215", "tags": ["Patch", "Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@us.ibm.com", "description": [{"lang": "en", "value": "CWE-250"}]}], "descriptions": [{"lang": "en", "value": "IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to escalate their privileges to root due to execution with more privileges than required."}], "lastModified": "2025-12-15T19:20:17.190", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCA4ADF8-014B-4A43-AE12-CC7D46B0F8BF", "versionEndExcluding": "10.0.9.0", "versionStartIncluding": "10.0.0.0"}, {"criteria": "cpe:2.3:a:ibm:security_verify_access:10.0.9.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9916DF0F-8A3E-4CB4-957F-286E168666A2"}, {"criteria": "cpe:2.3:a:ibm:security_verify_access:10.0.9.0:interim_fix1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05FBA01C-DDCD-4B80-B14B-81DAB052CC8D"}, {"criteria": "cpe:2.3:a:ibm:security_verify_access:10.0.9.0:interim_fix2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "149CA168-1117-4B50-8F5A-B72D4BCC65F1"}, {"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFF4D7D4-0D01-44CA-84A2-2EA59802D1CB", "versionEndExcluding": "10.0.9.0", "versionStartIncluding": "10.0.0.0"}, {"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:10.0.9.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E76C6CF-1E2A-403E-9C7F-619BE2057468"}, {"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:10.0.9.0:interim_fix1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8BF3374-6B03-4A25-9F4D-F88C091804C7"}, {"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:10.0.9.0:interim_fix2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8D09601-F55B-4307-8BEE-218F5CAC2138"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:verify_identity_access:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16595130-3A46-4DD1-9DAA-53E534306975", "versionEndExcluding": "11.0.1.0", "versionStartIncluding": "11.0.0.0"}, {"criteria": "cpe:2.3:a:ibm:verify_identity_access:11.0.1.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A7A934C-F8B6-44D1-9591-A3FDB86BEECB"}, {"criteria": "cpe:2.3:a:ibm:verify_identity_access_docker:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81BD4D96-C9E9-422B-B18A-61ECFE711884", "versionEndExcluding": "11.0.1.0", "versionStartIncluding": "11.0.0.0"}, {"criteria": "cpe:2.3:a:ibm:verify_identity_access_docker:11.0.1.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C06D5AD-67DD-46FA-BDF7-39A2E0EAAF95"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}