IBM Db2 Privilege Escalation Vulnerability

Vulnerability

A vulnerability in IBM Db2 versions 12.1.0 through 12.1.3 for Linux, UNIX, and Windows (including Db2 Connect Server) could allow a local user to execute malicious code that escalates privileges to root. The issue arises because the product executes with unnecessary privileges, at a level higher than the minimum required.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a local user to gain root access.

Remediation

Users can download a special build containing the interim fix for this vulnerability from Fix Central. These special builds are available for Db2 versions 12.1.2 and 12.1.3 and can be applied to any affected level of the appropriate release.

Added: Nov 7, 2025, 7:32 PM
Updated: Nov 7, 2025, 7:32 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 7.5
exploitability: 3.5
remediation: 7.7
relevance: 1.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.