Update: Admin account built into IBM Storage Protect jeopardizes systems
In addition to IBM's Storage Protect data storage solution, the InfoSphere Information Server data integration platform is also vulnerable.
(Image: Artur Szczybylo/Shutterstock.com)
Attackers can target IBM Storage Protect and InfoSphere Information Server. Security updates closed several software vulnerabilities.
Admin attack possible
In a warning message, the developers explain that attackers can gain extensive access to instances via an obviously undocumented admin account. It can be assumed that attackers compromise instances after bypassing the login. The vulnerability (CVE-2025-3319) is classified as “high” threat level. It is not yet clear how such an attack could take place. It is also currently unknown which parameters admins can use to identify systems that have already been successfully attacked.
Issues 8.1.0.000 up to and including 8.1.26.000 under AIX Linux Windows are said to be threatened by the security problem. The developers state that they have closed the gap in version 8.1.27. Even if there are currently no reports of attacks, admins should not wait too long to install the security update.
Data integration platform at risk
InfoSphere Information Server is vulnerable via two vulnerabilities(CVE-2025-3221 “high”, CVE-2025-3629 “medium”). Attackers can use these vulnerabilities to trigger DoS states or delete user comments. According to the developers, versions 11.7.0.0 up to and including 11.7.1.6 are affected by both vulnerabilities. IBM links to the security patches for the vulnerable versions in a post.
Videos by heise
Just recently, a “critical” malware vulnerability (CVE-2025-33117) in IBM's IT security solution QRadar SIEM made the headlines.
(des)
