- Description
- IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to escalate their privileges to root due to execution with more privileges than required.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
- Products
- security_verify_access, security_verify_access_docker, verify_identity_access, verify_identity_access_docker
CVSS 3.1
- Type
- Secondary
- Base score
- 9.3
- Impact score
- 6
- Exploitability score
- 2.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@us.ibm.com
- CWE-250
- Hype score
- Not currently trending
#VulnerabilityReport #CVE202536356 Critical Flaw CVE-2025-36356 (CVSS 9.3) in IBM Security Verify Access Allows Root Privilege Escalation https://t.co/6T2Whyk4Oq
@Komodosec
14 Nov 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
IBM Verify Access/Verify Identity Accessに複数の脆弱性(CVE-2025-36356) https://t.co/bvSQL5kEp4 #セキュリティ対策Lab #セキュリティ #Security
@securityLab_jp
9 Oct 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-36356 IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to e… https://t.co/iqWk7A1xDZ
@CVEnew
6 Oct 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-36356: IBM Security Verify Access privi... Local-to-root privilege escalation in IBM Verify Access exploits excessive privilege execution - trivial for any authen... https://t.co/5ymCsTlSk5 #netsec #vulnerability #CVE #sysadmin #zeroday
@0dayPublishing
6 Oct 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA4ADF8-014B-4A43-AE12-CC7D46B0F8BF",
"versionEndExcluding": "10.0.9.0",
"versionStartIncluding": "10.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access:10.0.9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "9916DF0F-8A3E-4CB4-957F-286E168666A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access:10.0.9.0:interim_fix1:*:*:*:*:*:*",
"matchCriteriaId": "05FBA01C-DDCD-4B80-B14B-81DAB052CC8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access:10.0.9.0:interim_fix2:*:*:*:*:*:*",
"matchCriteriaId": "149CA168-1117-4B50-8F5A-B72D4BCC65F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFF4D7D4-0D01-44CA-84A2-2EA59802D1CB",
"versionEndExcluding": "10.0.9.0",
"versionStartIncluding": "10.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:10.0.9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "7E76C6CF-1E2A-403E-9C7F-619BE2057468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:10.0.9.0:interim_fix1:*:*:*:*:*:*",
"matchCriteriaId": "B8BF3374-6B03-4A25-9F4D-F88C091804C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:10.0.9.0:interim_fix2:*:*:*:*:*:*",
"matchCriteriaId": "C8D09601-F55B-4307-8BEE-218F5CAC2138",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:verify_identity_access:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16595130-3A46-4DD1-9DAA-53E534306975",
"versionEndExcluding": "11.0.1.0",
"versionStartIncluding": "11.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:verify_identity_access:11.0.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4A7A934C-F8B6-44D1-9591-A3FDB86BEECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:verify_identity_access_docker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81BD4D96-C9E9-422B-B18A-61ECFE711884",
"versionEndExcluding": "11.0.1.0",
"versionStartIncluding": "11.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:verify_identity_access_docker:11.0.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0C06D5AD-67DD-46FA-BDF7-39A2E0EAAF95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]