Security vulnerabilities endanger IBM AIX and QRadar SIEM

IBM's IT security solution QRadar SIEM and the server operating system AIX are vulnerable. Among other things, the developers have closed a “critical” security vulnerability with the highest rating.

So far, there are no reports that attackers are already exploiting the vulnerabilities. However, to protect systems from possible attacks, administrators should install the available security patches promptly.

Various Dangers

In a warning message, the developers list four vulnerabilities in AIX and VIOS. One of them (CVE-2025-36250) is rated with the highest possible CVSS score of 10 out of 10. The vulnerability specifically affects NIM servers and allows remote attackers to execute their commands. Due to the critical rating, it can be assumed that systems will be considered fully compromised after a successful attack.

Two further “critical” vulnerabilities (CVE-2025-36251, CVE-2025-36096) allow malware attacks or access to private keys. If attackers exploit another vulnerability (CVE-2025-36236 “high”), they can write files to the system. The versions equipped against this are listed in the warning message.

A “critical” vulnerability (CVE-2025-16971) impacts the Azure SDK for Java component of QRadar SIEM. Attackers can bypass security features through this. The developers currently do not elaborate on what this means specifically and how such an attack could proceed.

Another vulnerability (CVE-2025-33119 “medium”) impacts authentication. If attackers are authenticated, they can access credentials in configuration files. The developers state that they have resolved the security issues in QRadar 7.5.0 UP14 IF01.

Recently, the developers closed a root security vulnerability in IBM Db2.

(des)