Attackers can target IBM Storage Protect and InfoSphere Information Server. Security updates closed several software vulnerabilities.
Admin attack possible
In a warning message, the developers explain that attackers can gain extensive access to instances via an obviously undocumented admin account. It can be assumed that attackers compromise instances after bypassing the login. The vulnerability (CVE-2025-3319) is classified as “high” threat level. It is not yet clear how such an attack could take place. It is also currently unknown which parameters admins can use to identify systems that have already been successfully attacked.
Issues 8.1.0.000 up to and including 8.1.26.000 under AIX Linux Windows are said to be threatened by the security problem. The developers state that they have closed the gap in version 8.1.27. Even if there are currently no reports of attacks, admins should not wait too long to install the security update.
Data integration platform at risk
InfoSphere Information Server is vulnerable via two vulnerabilities(CVE-2025-3221 “high”, CVE-2025-3629 “medium”). Attackers can use these vulnerabilities to trigger DoS states or delete user comments. According to the developers, versions 11.7.0.0 up to and including 11.7.1.6 are affected by both vulnerabilities. IBM links to the security patches for the vulnerable versions in a post.
Just recently, a “critical” malware vulnerability (CVE-2025-33117) in IBM’s IT security solution QRadar SIEM made the headlines.
(des)
Don’t miss any news – follow us on
Facebook,
LinkedIn or
Mastodon.
This article was originally published in
German.
It was translated with technical assistance and editorially reviewed before publication.
Dieser Link ist leider nicht mehr gültig.
Links zu verschenkten Artikeln werden ungültig,
wenn diese älter als 7 Tage sind oder zu oft aufgerufen wurden.
Sie benötigen ein heise+ Paket, um diesen Artikel zu lesen. Jetzt eine Woche unverbindlich testen – ohne Verpflichtung!
