Primary

Context

IBM QRadar SIEM Privileged User Arbitrary Command Execution Vulnerability via Malicious Autoupdate File

Vulnerability

Patched

A vulnerability in IBM QRadar SIEM versions 7.5 through 7.5.0 Update Package 12 could allow a privileged user to alter configuration files. This modification could facilitate the upload of a harmful autoupdate file, which would execute arbitrary commands on the system.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of commands with elevated privileges.

Remediation

Users are advised to update to IBM QRadar SIEM version 7.5.0 Update Package 12 Interim Fix 02.

Added: Jun 19, 2025, 6:23 PM

Updated: Jun 19, 2025, 6:23 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

3.0

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

3.0

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM QRadar SIEM Privileged User Arbitrary Command Execution Vulnerability via Malicious Autoupdate File

Vulnerability

Impact

Remediation

Affected Products

IBM QRadar SIEM

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating