216.73.216.133

CVE-2025-36238

· Published 02/02/2026 23:15 · Modified 03/02/2026 16:44

Labels: CVE-2025-36238 2026-02-02CVE-2025-36238CWE-497[email protected]

Essential information

Published
02/02/2026 23:15
Modified
03/02/2026 16:44
Author
Creator
CVSS
6.0 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CVSS metrics

Description

IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00 through FW1060.51, and FW950.00 through FW950.F0 could allow a local user with administration privileges to obtain sensitive information from a Virtual TPM through a series of PowerVM service procedures.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
ibm / powervm hypervisor cpe:2.3:a:ibm:powervm_hypervisor:1110.00-1110.03:*:*:*:*:*:*:*
ibm / powervm hypervisor cpe:2.3:a:ibm:powervm_hypervisor:1060.00-1060.51:*:*:*:*:*:*:*
ibm / powervm hypervisor cpe:2.3:a:ibm:powervm_hypervisor:950.00-950.F0:*:*:*:*:*:*:*

References