CVE-2025-36238

{"id": "CVE-2025-36238", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 1.5}]}, "published": "2026-02-02T23:15:59.383", "references": [{"url": "https://www.ibm.com/support/pages/node/7257556", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@us.ibm.com", "description": [{"lang": "en", "value": "CWE-497"}]}], "descriptions": [{"lang": "en", "value": "IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00 through FW1060.51, and FW950.00 through FW950.F0 could allow a local user with administration privileges to obtain sensitive information from a Virtual TPM through a series of PowerVM service procedures."}, {"lang": "es", "value": "El Hipervisor IBM PowerVM FW1110.00 hasta FW1110.03, FW1060.00 hasta FW1060.51 y FW950.00 hasta FW950.F0 podr\u00eda permitir a un usuario local con privilegios de administraci\u00f3n obtener informaci\u00f3n sensible de un TPM Virtual a trav\u00e9s de una serie de procedimientos de servicio de PowerVM."}], "lastModified": "2026-02-19T14:41:41.713", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "632A24F5-C141-4C25-9EC7-45D2EAB42485"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9761698A-9082-40BB-8F55-317C88743317"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79E8EED1-9815-4855-817A-3AADADE7349C"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CB10FCF-6B15-4A56-827F-201133821A39"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B14954B-DF10-4245-A9CC-1D230DF4BD0A"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B786DA7F-CDDF-42FF-88B9-CF7F87EDB413"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E485A8B0-B757-463D-A39D-DD54D8B9991A"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.60:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "376DE841-A509-43E6-8C7D-B2D797A8320B"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.70:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8148844C-CE2F-47DF-931D-4C645C8A6991"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.71:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9634703-C057-493F-A06C-202296BDF95D"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.80:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BD06A7C-90F4-4417-80D9-FFDF5575475A"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.90:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B78BA924-5621-437F-9736-9CDA49534333"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.a0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0ADB1F8-7422-4E3B-9E5E-211DB5342127"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.b0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A960A5D0-4BB3-4075-9D12-150CEA36FFF3"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.c0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FFE786C-F1F2-4473-B66E-E181BC44DA52"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.c1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CBC82F4-731B-4171-A272-38D8DDE5DF32"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.c2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88E44CA9-CB56-4583-9756-13E6410C1A22"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.d0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE48A31D-9DFF-4CF1-9383-1DD7B30244C4"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.d1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FB59886-C52E-4007-9591-A12162368461"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.e0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64CE106E-E157-4559-B9A4-D40BC46CB3EC"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.e1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D01DFA9-5E4B-471D-9EC7-AFD598F7E024"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.f0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86F8E3AD-FAE9-48BE-990D-F81A5092A042"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "911607B1-E5D6-49D4-AA0C-474694B59FEC"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D742B8BB-7672-405B-A367-7ECF984A645A"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A328209-CF34-4EE6-8AAF-AE336081C3F8"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FDE0E8C-1488-4E37-9A26-32DE8AE97481"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2057DC3F-B929-4496-A19C-C9506153318F"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D395E59B-1470-4B61-B6F9-7256224A4B00"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.41:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB4EEDC4-18A6-4B92-9DBF-2A2622089A3C"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CD4F341-EFBC-44D8-A396-86EA2C1D925A"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.51:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F432C112-51A5-4F85-9073-D7DC0EC651C5"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1110.00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54D6C052-6E19-49C2-8BA8-99233EF9C8E4"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1110.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9E9EB5E-FB7A-4F54-958F-451568C9CA62"}, {"criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1110.03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C35A539E-155C-4643-B43C-65FA91F2CBD9"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}