CVE-2025-2947

Summary

CVE-2025-2947 is a privilege escalation vulnerability affecting IBM i 7.6. An issue with incorrect profile swapping in an OS command allows malicious actors to elevate their privileges, potentially gaining root access to the host operating system. This vulnerability poses a significant risk to IBM i 7.6 systems, particularly those with weak access control measures in place. System administrators are advised to apply the necessary patches to mitigate this risk. Failing to address this vulnerability could enable unauthorized users to gain administrative control, potentially leading to data theft or system damage. IBM i 7.6 users are urged to prioritize patching this issue as soon as possible to secure their systems against potential attacks. This vulnerability highlights the importance of implementing strong access control measures and keeping software up-to-date to minimize the risk of privilege escalation attacks. IBM i 7.6 users should be vigilant in monitoring their systems for suspicious activities and promptly respond to any suspected security incidents.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.