Rewterz

AsyncRAT – Active IOCs

April 24, 2025
Rewterz

Multiple Dell ECS Vulnerabilities

April 24, 2025

Multiple IBM Infosphere Information Server Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2025-25046 CVSS:3.7

IBM InfoSphere Information Server DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man-in-the-middle techniques.

CVE-2025-25045 CVSS:4.3

A vulnerability exists in IBM InfoSphere Information Server where an authenticated user can access sensitive details through detailed technical error messages. These error responses potentially expose information that could be leveraged for subsequent system attacks.

CVE-2024-22351 CVSS:6.3

IBM InfoSphere Information Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

Impact

  • Gain Access
  • Information Disclosure

Indicators of Compromise

CVE

  • CVE-2025-25045

  • CVE-2025-25046

  • CVE-2024-22351

Affected Vendors

  • IBM

Affected Products

  • IBM InfoSphere Information Server - 11.7

Remediation

Refer to IBM Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2025-25045

CVE-2025-25046

CVE-2024-22351

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.