CVE-2025-33109

High CVSS 7.5

Overview

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to a privilege escalation caused by an invalid database authority check. A bad actor could execute a database procedure or function without having all required permissions, in addition to causing denial of service for some database actions.

CWE: CWE-250 Published: 2025-07-24T15:15:25.927

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.5 (HIGH)
Detected tags: dos, priv_esc (tag impact: HIGH)

Recommended actions:

Rate limiting, resource quotas and circuit breakers.
Fix privilege escalation urgently.
Enforce least-privilege and strengthen EDR detection.

Overview

Recommended tools

Tags