IBM AIX Vulnerabilities

Source: Cyber Security News

IBM has issued important security updates for two severe vulnerabilities in its AIX operating system. Both stem from improper process controls in essential services and leave systems exposed to remote command execution. The first, CVE-2025-36251, affects the Nimsh service and its SSL/TLS implementations and has a CVSS score of 9.6. The second, CVE-2025-36250, affects the NIM server service and has the maximum CVSS score of 10.0. Both can be exploited without authentication, which underlines their critical nature.

The implications are significant: exploitation could lead to complete system compromise and unauthorized data access. IBM AIX administrators are strongly advised to prioritize patching to mitigate the risks associated with these flaws. The new flaws relate to issues previously detailed in CVE-2024-56347 and CVE-2024-56346, indicating that the earlier fixes may have been insufficient. Organizations running IBM AIX should implement network segmentation and closely monitor IBM's security advisories to stay ahead of emerging threats. Keeping security measures up to date is crucial for safeguarding critical infrastructure.
