IBM Critical Vulnerability - 20250825001
Overview
IBM has published security updates addressing multiple vulnerabilities affecting their ELM Jazz Foundation products. Successful exploitation could allow an unauthenticated remote attacker to update server configuration files which would allow them to perform unauthorized actions, subsequently leading to a Denial of Service condition.
What is vulnerable?
Product(s) Affected | Version(s) | CVE | CVSS | Severity |
---|---|---|---|---|
IBM ELM - Jazz Foundation | 7.1.0 prior to iFix004-sec; 7.0.3 prior to iFix018-sec; 7.0.2 prior to iFix035-sec | CVE-2025-36157 | 9.8 | Critical |
What has been observed?
The WASOC has not received any reports of exploitation of this vulnerability on Western Australian Government networks at the time of writing.
Recommendation
The WASOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer to Patch Management):