March 6, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
DarkCrystal RAT aka DCRat – Active IOCs
March 3, 2025Security Researcher Unveils PoC for Actively Exploited Windows Vulnerability
March 3, 2025DarkCrystal RAT aka DCRat – Active IOCs
March 3, 2025Security Researcher Unveils PoC for Actively Exploited Windows Vulnerability
March 3, 2025
Severity
High
Analysis Summary
CVE-2025-0159 CVSS:9.1
IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 through 8.5.3.1, 8.5.4.0, 8.6.0.0 through 8.6.0.5, 8.6.1.0, 8.6.2.0 through 8.6.2.1, 8.6.3.0, 8.7.0.0 through 8.7.0.2, 8.7.1.0, 8.7.2.0 through 8.7.2.1) could allow a remote attacker to bypass RPCAdapter endpoint authentication by sending a specifically crafted HTTP request.
CVE-2025-0160 CVSS:8.1
IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 through 8.5.3.1, 8.5.4.0, 8.6.0.0 through 8.6.0.5, 8.6.1.0, 8.6.2.0 through 8.6.2.1, 8.6.3.0, 8.7.0.0 through 8.7.0.2, 8.7.1.0, 8.7.2.0 through 8.7.2.1) could allow a remote attacker with access to the system to execute arbitrary Java code due to improper restrictions in the RPCAdapter service.
Impact
- Gain Access
- Security Bypass
Indicators of Compromise
CVE
CVE-2025-0159
CVE-2025-0160
Affected Vendors
- IBM
Affected Products
- IBM Storage Virtualize 8.5.1.0, 8.5.2.0-8.5.2.3, 8.5.3.0-8.5.3.1, 8.5.4.0
- IBM Storage Virtualize 8.6.1.0, 8.6.2.0-8.6.2.1, 8.6.3.0
- IBM Storage Virtualize 8.7.1.0, 8.7.2.0-8.7.2.1
- IBM Storage Virtualize 8.5.0.0-8.5.0.13
- IBM Storage Virtualize 8.7.0.0-8.7.0.2
- IBM Storage Virtualize 8.6.0.0-8.6.0.5
Remediation
Refer to IBM Security Advisory for patch, upgrade, or suggested workaround information.