{"id":53913,"date":"2025-06-21T11:07:34","date_gmt":"2025-06-21T11:07:34","guid":{"rendered":""},"modified":"2025-07-06T11:19:08","modified_gmt":"2025-07-06T17:19:08","slug":"cve-2025-33108-ibm-brms-elevation-of-privilege-vulnerability","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-33108-ibm-brms-elevation-of-privilege-vulnerability\/","title":{"rendered":"CVE-2025-33108: IBM BRMS Elevation of Privilege Vulnerability<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The vulnerability in focus, CVE-2025-33108, is a critical security flaw affecting IBM’s Backup, Recovery and Media Services (BRMS) for i 7.4 and 7.5. This vulnerability could potentially allow a user with the capability to compile or restore a program to gain elevated privileges due to a library unqualified call made by a BRMS program. This flaw could be exploited by a malicious actor to execute user-controlled code with component access to the host operating system, thereby creating a potential for system<\/a> compromise or data leakage. Given the high severity of this vulnerability<\/a>, it is crucial for system administrators and IT security professionals to understand the implications of this flaw and act promptly to mitigate its potential impact.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-33108
\nSeverity: High (8.5 – CVSS Score)
\nAttack Vector: Local
\nPrivileges Required: Low
\nUser Interaction: Required
\nImpact: Potential system<\/a> compromise or data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n