CVE-2025-33120

🗓️ 22 Aug 2025 14:54:02Reported by ibmType

CVE-2025-33120 QRadar cronjob misconfiguration enables privilege escalation by authenticated user UP13

Reporter	Title	Published	Views	Family All 9
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM is affected by local privilege escalation and cross-site scripting (CVE-2025-33120, CVE-2025-36042)	21 Aug 202522:39	–	ibm
Circl	CVE-2025-33120	22 Aug 202515:12	–	circl
CNNVD	IBM QRadar SIEM 安全漏洞	22 Aug 202500:00	–	cnnvd
Cvelist	CVE-2025-33120 IBM QRadar SIEM privilege escalation	22 Aug 202514:54	–	cvelist
EUVD	EUVD-2025-25525	3 Oct 202520:07	–	euvd
NVD	CVE-2025-33120	22 Aug 202515:15	–	nvd
Positive Technologies	PT-2025-34370 · Ibm · Qradar Siem	22 Aug 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-33120	24 Aug 202515:21	–	redhatcve
Vulnrichment	CVE-2025-33120 IBM QRadar SIEM privilege escalation	22 Aug 202514:54	–	vulnrichment

NVD

Vulners

Node

ibm qradar_incident_forensicsMatch7.5.0-

ibm qradar_incident_forensicsMatch7.5.0update_pack_1

ibm qradar_incident_forensicsMatch7.5.0update_pack_10

ibm qradar_incident_forensicsMatch7.5.0update_pack_11

ibm qradar_incident_forensicsMatch7.5.0update_pack_12

ibm qradar_incident_forensicsMatch7.5.0update_pack_13

ibm qradar_incident_forensicsMatch7.5.0update_pack_2

ibm qradar_incident_forensicsMatch7.5.0update_pack_3

ibm qradar_incident_forensicsMatch7.5.0update_pack_4

ibm qradar_incident_forensicsMatch7.5.0update_pack_5

ibm qradar_incident_forensicsMatch7.5.0update_pack_6

ibm qradar_incident_forensicsMatch7.5.0update_pack_7

ibm qradar_incident_forensicsMatch7.5.0update_pack_8

ibm qradar_incident_forensicsMatch7.5.0update_pack_9

ibm qradar_security_information_and_event_managerMatch7.5.0-

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_1

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_10

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_11

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_12

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_13

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_2

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_3

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_4

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_5

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_6

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_7

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_8

ibm qradar_security_information_and_event_managerMatch7.5.0update_pack_9

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_13:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "QRadar SIEM",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "7.5.0 Update Pack 13",
        "status": "affected",
        "version": "7.5",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7242869

15 Sep 2025 19:53Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.17.8

EPSS0.0002

SSVC

CWE-250