A high-severity vulnerability (CVE-2025-33108) in IBM Backup, Recovery, and Media Services (BRMS) for IBM i versions 7.4 and 7.5 enables privilege escalation through unqualified library calls.
This flaw allows attackers with program compilation or restoration privileges to execute arbitrary code with elevated system access, posing significant risks to enterprise environments.
Technical Breakdown of the Flaw
The vulnerability stems from CWE-250: Execution with Unnecessary Privileges, where BRMS programs make unqualified library calls without specifying secure paths.
This oversight enables malicious actors to hijack library references, redirecting them to attacker-controlled code.
Key technical elements:
- Attack vector: Exploits the BRMS component's failure to validate library paths during program compilation/restoration.
- CVSS v3.1 score: 8.5 (High), with a vector of AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H.
- Affected versions: BRMS 7.4 and 7.5 on IBM i OS.
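To make the mechanism concrete, the following is an added illustration (not IBM's code and not from the advisory) of how an unqualified program reference is resolved through the IBM i library list, and of a check that flags unqualified CALL statements in CL source; the library list, object names and CL snippet are constructed sample data.

```python
"""Model of IBM i library-list (*LIBL) resolution, added to illustrate the
CWE-250 weakness described above. Not IBM's code; all names below are
constructed sample data."""
import re

# Constructed library list in search order. A user-writable library sits
# ahead of the product library, which is the condition that lets a
# same-named object in the earlier library win the search.
SAMPLE_LIBL = ["QTEMP", "USERLIB", "QBRM", "QSYS"]
# Constructed object table: library -> program names present in it.
SAMPLE_OBJECTS = {
    "QBRM": {"BRMSPGM"},
    "USERLIB": {"BRMSPGM"},   # same-named object in an earlier library
    "QSYS": {"QCMDEXC"},
}

def resolve(ref, libl, objects):
    """Resolve a program reference the way *LIBL search does.
    'LIB/PGM' is qualified and is looked up only in LIB; a bare 'PGM' is
    searched library by library in list order and the first hit wins."""
    if "/" in ref:
        lib, pgm = ref.split("/", 1)
        return f"{lib}/{pgm}" if pgm in objects.get(lib, set()) else None
    for lib in libl:
        if ref in objects.get(lib, set()):
            return f"{lib}/{ref}"
    return None

# Matches 'CALL PGM(X)' and the positional 'CALL X' forms of CL.
CALL_STMT = re.compile(r"^\s*CALL\s+(?:PGM\()?([A-Z0-9_$#@/]+)", re.I)

def unqualified_calls(cl_source):
    """Return (line_no, program) for every CALL whose target names no
    library, i.e. every call whose resolution depends on *LIBL."""
    hits = []
    for n, line in enumerate(cl_source.splitlines(), 1):
        m = CALL_STMT.match(line)
        if m and "/" not in m.group(1):
            hits.append((n, m.group(1)))
    return hits

# Constructed CL source: one qualified call and two unqualified ones.
SAMPLE_CL = """PGM
  CALL PGM(BRMSPGM)              /* unqualified: resolved via *LIBL */
  CALL PGM(QBRM/BRMSPGM)         /* qualified: library is fixed */
  CALL QCMDEXC PARM('DSPLIBL' 7) /* unqualified positional form */
ENDPGM
"""

if __name__ == "__main__":
    print(resolve("BRMSPGM", SAMPLE_LIBL, SAMPLE_OBJECTS))       # USERLIB/BRMSPGM
    print(resolve("QBRM/BRMSPGM", SAMPLE_LIBL, SAMPLE_OBJECTS))  # QBRM/BRMSPGM
    print(unqualified_calls(SAMPLE_CL))                          # [(2, 'BRMSPGM'), (4, 'QCMDEXC')]
```

The unqualified reference resolves to the earlier library rather than to QBRM, while the qualified form does not depend on the list at all; the same check can be pointed at any CL source an audit wants to review.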
IBM confirmed the flaw could allow “user-controlled code to run with component access to the host operating system,” potentially compromising entire IBM i environments.
Impact Analysis
The vulnerability exposes organizations to:
| Risk Factor | Details |
|---|---|
| Severity | High (CVSS 8.5) – enables full system control |
| Affected Systems | IBM i 7.4/7.5 with BRMS installed |
| Exploit Complexity | Requires existing user privileges to compile/restore programs |
| Remediation Status | Patches available via PTFs SJ05906 (7.4) and SJ05907 (7.5) |
Successful exploitation could lead to:
- Unauthorized data manipulation or exfiltration.
- Disruption of backup/recovery operations.
- Lateral movement across networked systems.
Mitigation Strategies
IBM released Program Temporary Fixes (PTFs) to address the vulnerability:
- Immediate patching:
- IBM i 7.4: Apply PTF SJ05906 via Fix Central.
- IBM i 7.5: Apply PTF SJ05907.
- Compensatory controls:
- Restrict user privileges for program compilation/restoration.
- Implement network segmentation for BRMS systems.
- Enable auditing for suspicious library calls.
- Monitoring:
- Track BRMS activity logs for unexpected library paths.
- Use intrusion detection systems to flag privilege escalation attempts.
While no workarounds exist, combining the patches with a least-privilege access model significantly reduces the attack surface.
Organizations using legacy IBM i systems should prioritize patching, given BRMS’s central role in enterprise backup infrastructure.
This vulnerability highlights the critical need for rigorous library path validation in privileged services.
With IBM i systems widely used in financial and healthcare sectors, timely remediation is essential to prevent systemic compromises.
The post IBM Backup Services Vulnerability Allows Attackers to Escalate Privileges appeared first on Cyber Security News.