CVE-2025-33117 PUBLISHED

IBM QRadar SIEM command execution

Assigner: ibm
Reserved: 15.04.2025 Published: 19.06.2025 Updated: 20.06.2025

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary commands.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVSS Score: 9.1

Product Status

Vendor: IBM
Product: QRadar SIEM
Versions (default: unaffected)
  • affected from 7.5 to 7.5.0 Update Pack 12 (incl.)

Solutions

IBM encourages customers to update their systems promptly.

IBM QRadar SIEM 7.5.0: QRadar 7.5.0 UP12 IF02

Credits

  • John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, Dawid Bak (finder)

Problem Types

  • CWE-73: External Control of File Name or Path