CVE-2025-36236

Published Nov 13, 2025

Last updated 4 months ago

CVSS high 8.2

Overview

Description
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system.
Source
psirt@us.ibm.com
NVD status
Analyzed
Products
vios, aix

Risk scores

CVSS 3.1

Type
Primary
Base score
9.1
Impact score
5.2
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Severity
CRITICAL

Weaknesses

psirt@us.ibm.com
CWE-22

Social media

Hype score
Not currently trending

  1. Use CVE-2025-36236 to drop a malicious payload in a system directory. Use CVE-2025-36250 to execute it remotely without authentication. Use CVE-2025-36251 to hijack secure connections. Use CVE-2025-36096 to steal private keys and pivot to every other AIX server on the network

    @marc_vanlommel

    19 Nov 2025

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨Alert🚨:AIX is vulnerable to arbitrary command execution (CVE-2025-36251,CVE-2025-36250), insufficiently protected credentials (CVE-2025-36096), and path traversal (CVE-2025-36236). -------------------- CVE-2025-36250 (CVSS 10.0) : Remote Command Execution via nimesis https

    @HunterMapping

    17 Nov 2025

    3133 Impressions

    10 Retweets

    29 Likes

    16 Bookmarks

    1 Reply

    0 Quotes

  3. Security Bulletin: AIX is vulnerable to arbitrary command execution (CVE-2025-36251, CVE-2025-36250), insufficiently protected credentials (CVE-2025-36096), and path traversal (CVE-2025-36236) https://t.co/XHQ3xFncik 『(直訳)AIX

    @taku888infinity

    17 Nov 2025

    1031 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. **CVE-2025-36236** is a high-severity vulnerability affecting IBM AIX versions 7.2 and 7.3, as well as IBM Virtual I/O Server (VIOS) versions 3.1 and 4.1. The flaw resides in the **NIM (Network Install Manager) server service (nimesis)**, which enables remote attackers to perform

    @CveTodo

    13 Nov 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 nimsh service SSL/TLS implementations could allow a remote attacker to execute arbitrary commands due to improper process controls. This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56347.CVE-2025-36251
  2. IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker to execute arbitrary commands due to improper process controls.  This addresses additional attack vectors for a vulnerability that was previously addressed in CVE-2024-56346.CVE-2025-36250
  3. IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques.CVE-2025-36096
  4. IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerberos network authentication, could allow a local user to write to files on the system with root privileges due to improper initialization of critical variables.CVE-2025-36244
  5. IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of pathname input.CVE-2025-33112

References

Sources include official advisories and independent security research.