IBM has issued a critical security update for its QRadar SIEM platform after researchers uncovered multiple vulnerabilities, including a severe flaw that allows privileged users to execute arbitrary commands on affected systems.
The vulnerabilities, disclosed in a security bulletin published on June 19, 2025, could allow attackers to compromise sensitive data, disrupt operations, or gain unauthorized access to protected resources if left unpatched.
Multiple Vulnerabilities Detailed
The IBM Security QRadar SIEM platform, widely used by enterprises for security monitoring and incident response, was found to contain multiple vulnerabilities of varying severity.
According to IBM, these flaws impact QRadar SIEM versions 7.5 through 7.5.0 Update Package 12 IF01 and have been addressed in the latest interim fix (UP12 IF02).
Below is a summary of the key vulnerabilities:
CVE ID | Description | CVSS Score |
CVE-2025-36050 | Sensitive information stored in log files could be read by a local user. | 6.2 |
CVE-2025-33121 | Vulnerable to XML External Entity (XXE) injection, allowing remote attackers to expose sensitive data or exhaust memory. | 7.1 |
CVE-2025-33117 | Privileged user can modify config files to upload a malicious autoupdate file, leading to arbitrary command execution. | 9.1 |
CVE-2025-33117 is the most critical of the group, with a CVSS score of 9.1. This flaw allows a privileged user to modify configuration files and upload a malicious autoupdate file, which can then execute arbitrary commands on the QRadar SIEM system.
Such an exploit could provide attackers with a foothold to further compromise the network or exfiltrate sensitive data.
Security experts note that these vulnerabilities are part of a broader pattern affecting IBM's QRadar Suite and related platforms.
Other recent CVEs, such as CVE-2025-25022 and CVE-2025-25021, enable attackers to access sensitive configuration files or execute code through improper script handling, further highlighting the need for urgent patching.
IBM has not provided any workarounds or mitigations for these vulnerabilities. Customers are strongly urged to update their QRadar SIEM installations to version 7.5.0 UP12 IF02 or later to protect against potential exploitation.
The discovery of these vulnerabilities, especially the arbitrary command execution bug, underscores the importance of regular security updates and prompt patch management for enterprise security infrastructure.
Organizations using IBM QRadar SIEM should prioritize applying the latest fixes to prevent attackers from leveraging these critical flaws.