IBM Backup Services Flaw Allows Hackers to Gain Elevated Access
gbhackers
A critical security vulnerability has been identified in IBM’s Backup, Recovery, and Media Services (BRMS) for IBM i, potentially exposing enterprise environments to privilege escalation attacks.
The flaw, tracked as CVE-2025-33108, affects versions 7.4 and 7.5 of the BRMS software, which are widely used for automating backup and recovery operations on IBM i systems.
Nature of the Vulnerability
The vulnerability arises from an unqualified library call within the BRMS software.
This technical oversight means the program references system libraries without specifying secure paths, allowing users with the ability to compile or restore programs to redirect those calls to their own code.
In practical terms, a malicious actor with limited privileges could exploit this flaw to execute arbitrary, user-controlled code with elevated system access, potentially compromising the entire host operating system.
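As an added illustration of the bug class described above (not IBM's code and not taken from the original article), the following check audits a site's own CL source for program calls that are not pinned to a fixed library. It goes beyond the BRMS case to any CL source; the sample program, its library and program names, and the function names are constructed for this example.

```python
import re

# CALL in keyword form, CALL PGM(X), or positional form, CALL X.
CALL_RE = re.compile(r"\bCALL\s+(?:PGM\(\s*([^)\s]+)\s*\)|([^\s()]+))", re.I)
# Qualifiers resolved from the job's library list or current library,
# not from a fixed library.
SEARCHED = {"*LIBL", "*CURLIB"}

def classify(target):
    """Return 'qualified', 'library-list' or 'variable' for a CALL target."""
    if target.startswith("&"):
        return "variable"  # resolved at run time; needs manual review
    lib, sep, _pgm = target.rpartition("/")
    if not sep or lib.upper() in SEARCHED:
        return "library-list"
    return "qualified"

def statements(source):
    """Yield (first_line_no, text), comments removed, '+' continuations joined."""
    buf, start = "", None
    for no, line in enumerate(source.splitlines(), 1):
        line = re.sub(r"/\*.*?\*/", "", line).rstrip()
        start = no if start is None else start
        if line.endswith("+"):
            buf += line[:-1] + " "
            continue
        yield start, buf + line
        buf, start = "", None

def audit(source):
    """List (line, target, kind) for every CALL not pinned to a library."""
    findings = []
    for no, stmt in statements(source):
        m = CALL_RE.search(stmt)
        if m:
            target = m.group(1) or m.group(2)
            kind = classify(target)
            if kind != "qualified":
                findings.append((no, target, kind))
    return findings

# Constructed sample CL program; all names are invented for this example.
SAMPLE = """PGM
  CALL PGM(SAVEJOB) PARM(&DEV)   /* no library given */
  CALL PGM(QSYS/QCMDEXC) PARM(&CMD &LEN)
  CALL PGM(*LIBL/CLEANUP)
  CALL +
    PGM(APPLIB/REPORT)
  CALL PGM(&EXIT)
ENDPGM
"""
```

Each finding is a candidate for a fixed library qualifier; the check is textual, so a CALL that appears inside a quoted string is also reported.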
| Summary of the vulnerability | Details |
| --- | --- |
| CVE ID | CVE-2025-33108 |
| Affected Products | IBM Backup, Recovery ... |
Copyright of this story solely belongs to gbhackers.