AI description
CVE-2025-13375 is a security vulnerability found in specific versions of IBM's Common Cryptographic Architecture (CCA), including versions 7.5.52 and 8.4.82. This flaw, categorized under CWE-250 for improper authorization, enables an unauthenticated attacker to execute arbitrary commands on the affected system with elevated privileges. The vulnerability allows for the bypass of authentication and authorization mechanisms, making it remotely exploitable without requiring any user interaction. The CCA acts as a software interface for IBM Hardware Security Modules (HSMs), which are designed to protect digital keys and sensitive encrypted data. Exploitation of CVE-2025-13375 could impact the confidentiality, integrity, and availability of the cryptographic card and its dependent applications, potentially leading to unauthorized data access, data modification, or disruption of system operations.
- Description
- IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system.
- Source
- psirt@us.ibm.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@us.ibm.com
- CWE-250
- Hype score
- Not currently trending
IBMのHSM連携基盤「CCA」に深刻な脆弱性(CVE-2025-13375) 早急な更新を推奨 https://t.co/qEaVS1Lkha
@cloudsec_news
10 Feb 2026
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-13375: Critical IBM Crypto Flaw (CVSS 9.8) Exposes HSMs https://t.co/bJUt73gAMZ
@Karma_X_Inc
7 Feb 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-13375: Critical IBM Crypto Flaw (CVSS 9.8) Exposes HSMs https://t.co/JuN1cnyjyI
@CrowdCyber_Com
7 Feb 2026
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-13375: Critical IBM Crypto Flaw (CVSS 9.8) Exposes Hardware Security Modules - Time to update those IBM cryptographic coprocessors, folks. #cybersecurity #ibm #vulnerability #cryptography https://t.co/Dy4N53HPRt
@xplain_it_again
7 Feb 2026
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
2 Replies
0 Quotes
IBMはCommon Cryptographic Architecture(CCA)における深刻な脆弱性CVE-2025-13375を公表した。CVSSは9.8と極めて高く、外部から到達可能な場合、未認証の攻撃者が任意のコマンドを管理者権限で実行できる。
@yousukezan
6 Feb 2026
867 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
IBMの暗号コンポーネントCommon Cryptographic Architecture (CCA)に重大(Critical)な脆弱性。CVE-2025-13375はCVSSスコア9.8で、無認証の攻撃者が特権で任意コードを実行可能。HSMも露出する影響。 https://t.co/kj1fBlDqy3
@__kokumoto
6 Feb 2026
780 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
IBM warns of critical flaw CVE-2025-13375 (CVSS 9.8) in CCA software. Unauthenticated attackers can hijack HSMs. Update to v7.5.53/v8.4.84 now. #IBM #CyberSecurity #CVE202513375 #HSM #InfoSec #Cryptography #SysAdmin https://t.co/17lvPBbwvv
@the_yellow_fall
6 Feb 2026
242 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-13375: CRITICAL] IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system.#cve,CVE-2025-13375,#cybersecurity https://t.co/cIxUmR52WE
@CveFindCom
5 Feb 2026
95 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-13375 IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system. https://t.co/fcHvUCPWqj
@CVEnew
4 Feb 2026
144 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes