CVE-2025-33117 IBM QRadar SIEM command execution

🗓️ 19 Jun 2025 17:16:41Reported by ibmType

IBM QRadar SIEM allows command execution via privileged user file modifications in version 7.5.

Reporter	Title	Published	Views	Family All 12
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities.	19 Jun 202516:12	–	ibm
ATTACKERKB	CVE-2025-33117	19 Jun 202518:15	–	attackerkb
BDU FSTEC	The vulnerability of the update mechanism of the IBM QRadar SIEM system allows a perpetrator to execute arbitrary code.	23 Jun 202500:00	–	bdu_fstec
Circl	CVE-2025-33117	19 Jun 202517:40	–	circl
CNNVD	IBM QRadar SIEM 安全漏洞	19 Jun 202500:00	–	cnnvd
CVE	CVE-2025-33117	19 Jun 202517:16	–	cve
EUVD	EUVD-2025-18994	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in IBM QRadar SIEM	20 Jun 202511:04	–	ncsc
NVD	CVE-2025-33117	19 Jun 202518:15	–	nvd
Positive Technologies	PT-2025-26228 · Ibm · Ibm Qradar Siem	19 Jun 202500:00	–	ptsecurity

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_12:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "QRadar SIEM",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "7.5.0 Update Pack 12",
        "status": "affected",
        "version": "7.5",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7237317

24 Aug 2025 11:46Current

CVSS 3.19.1

EPSS0.00271

CWE-73