heise PlusAbo
Anzeige

Vulnerabilities in IT security solution IBM QRadar SIEM closed

Attackers can exploit two security vulnerabilities in IBM QRadar SIEM. An update repairs the application.

listen Print view
A symbolic update bubble next to a PC workstation.

(Image: Artur Szczybylo/Shutterstock.com)

1 min. read
Security
By

IBM's developers have closed two vulnerabilities in QRadar SIEM that could allow attackers to attack systems. So far, there is no evidence of attacks already in progress.

Two points of attack

Because an incorrectly configured cron job is executed with actually unnecessary authorizations, attackers can obtain higher user rights in an unspecified way (CVE-2025-33120"high").

In the second case in the context of the IBM QRadar SIEM Dashboard, access data can be leaked (CVE-2025-36042"medium").

The IBM developers state in a warning message that versions 7.5 up to and including 7.5.0 UP13 are at risk. The versions IBM QRadar SIEM 7.5.0 UP13 IF01 and IBM QRadar Incident Forensics UP13 IF01.

Videos by heise

Most recently, the IBM developers have prepared the IT management software Tivoli Monitoring against possible attacks.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten