IBM QRadar SIEM Vulnerability Allows Remote Command Execution

IBM has issued a critical security bulletin revealing multiple high-severity vulnerabilities in its QRadar SIEM platform.

These flaws, present in versions 7.5 through 7.5.0 Update Package 12, could allow attackers to execute arbitrary commands, access sensitive data, or compromise system integrity.

The most severe vulnerability (CVE-2025-33117) carries a CVSS score of 9.1, enabling authenticated attackers to upload malicious files and execute commands across the network.

Vulnerability Details

The three critical vulnerabilities include:

| CVE ID | Description | CVSS Score | Attack Vector |
|---|---|---|---|
| CVE-2025-36050 | Sensitive information exposure in log files | 6.2 | Local access |
| CVE-2025-33121 | XML External Entity (XXE) injection enabling data exfiltration | 7.1 | Remote authenticated |
| CVE-2025-33117 | Arbitrary command execution via malicious autoupdate file | 9.1 | Remote privileged |

The XXE vulnerability (CVE-2025-33121) allows authenticated attackers to submit malicious XML data for QRadar to process, potentially exposing system information or causing resource exhaustion.

The arbitrary command execution flaw (CVE-2025-33117) enables privileged users to manipulate configuration files and upload malicious updates.

Affected Products and Remediation

All deployments running QRadar SIEM versions 7.5 through 7.5.0 UP12 IF01 are vulnerable.

IBM has released QRadar 7.5.0 UP12 Interim Fix 02 (SFS 20250610184357) to address these issues.

Administrators must:

  1. Verify deployment versions using the QRadar console
  2. Back up all data before upgrading
  3. Install the SFS update file across all appliances
  4. Ensure no pending configuration changes exist pre-update
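
The version check from step 1, applied to every appliance in a deployment, as an added example (not IBM's or the article's code). It assumes version strings in the article's notation (`7.5.0 UP12 IF01`), a constructed inventory with hypothetical hostnames, and that any level at or above the fix is patched.

```python
import re

# Fix level named in the bulletin: 7.5.0 UP12 IF02.
FIXED = (7, 5, 0, 12, 2)
# Lowest affected release named in the bulletin: 7.5 (treated here as 7.5.0 GA).
FIRST_AFFECTED = (7, 5, 0, 0, 0)

# Assumed notation: "<major>.<minor>[.<patch>] [UP<n>] [IF<n>]", as the article writes it.
_VERSION_RE = re.compile(
    r"^\s*(\d+)\.(\d+)(?:\.(\d+))?(?:\s+UP\s*(\d+))?(?:\s+IF\s*(\d+))?\s*$",
    re.IGNORECASE,
)

def parse_version(text):
    """Return (major, minor, patch, update_package, interim_fix), or None if unparsable."""
    m = _VERSION_RE.match(text)
    if m is None:
        return None
    # Missing components (no UP or IF suffix) count as 0.
    return tuple(int(g) if g is not None else 0 for g in m.groups())

def classify(text):
    """Classify one appliance's version string against the bulletin's range."""
    v = parse_version(text)
    if v is None:
        return "unparsed"          # surface for manual review, never assume safe
    if v < FIRST_AFFECTED:
        return "outside-bulletin"  # the bulletin makes no statement about these
    if v < FIXED:
        return "affected"
    return "at-or-above-fix"       # assumption: later levels include the fix

def triage(inventory):
    """Group hostnames by status so partially patched deployments stand out."""
    report = {}
    for host, version in inventory.items():
        report.setdefault(classify(version), []).append(host)
    return {status: sorted(hosts) for status, hosts in report.items()}

# Constructed inventory; hostnames and the mix of levels are illustrative only.
SAMPLE_INVENTORY = {
    "console-01": "7.5.0 UP12 IF02", "ep-01": "7.5.0 UP12 IF01",
    "ep-02": "7.5.0 UP11", "dn-01": "7.5.0 UP12",
    "fp-01": "7.5", "lab-01": "7.4.3", "unknown-01": "n/a",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts)}")
```

Any host reported as `affected` or `unparsed` means the deployment is not yet fully patched, since the fix has to be installed on all appliances.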

IBM confirms no viable workarounds exist, making immediate patching essential.

The update also resolves additional component vulnerabilities in bundled libraries, including Apache Tomcat and FreeType.

Security teams should monitor authentication logs for suspicious privileged account activity until updates are fully deployed.


The post IBM QRadar SIEM Vulnerability Allows Remote Command Execution appeared first on Cyber Security News.

